The set of real numbers (denoted by R) includes all
numbers except the set of complex numbers (denoted by C).
Real numbers having no fractional (decimal) part are known as
integers. By definition, therefore, integers are integral numbers.
The complete set of integers (denoted by Z from the German
word for numbers, Zahlen) includes the set of positive integers,
the number zero, and the set of negative integers:

$$Z = \{\ldots, -6, -5, -4, -3, -2, -1, 0, 1, 2, 3, 4, 5, 6, \ldots\} \tag{1-1}$$


The number zero is considered to be neither negative nor 
positive. The integer set Z is not bounded above or below. 
Integers can be represented geometrically as equally spaced
points on a line that extends to infinity in both directions. Such
a line is known as a number line (see Figure 1-1).


Figure 1-1 Integers on a number line. 


The set of natural numbers (denoted by N) is defined to
be the set of positive integers. Each positive integer is then an
element of the set of natural numbers. Natural numbers are a
subset of the set of integers. Because natural numbers arise
from the process of counting, these were the first numbers
recognized and the first numbers studied. Almost all numbers
encountered in this book will be integers, and most will be
positive integers unless noted otherwise. Natural numbers
together with the number zero are referred to as whole
numbers (denoted by W).


The natural numbers form a continuous sequence:

$$N = \{1, 2, 3, 4, 5, 6, \ldots\} \tag{1-2}$$

In number theory, a sequence is an ordered set of terms. The
natural number sequence is ordered according to increasing
size of the numbers:

$$1 < 2 < 3 < 4 < 5 < 6 < 7 < 8 < 9 < 10 < 11, \ldots \tag{1-3}$$

The set of natural numbers N is bounded below by 1, but is not
bounded above.

Any integer in the natural number sequence is always 1
greater than the preceding integer. For this reason, any integer
n in the natural number sequence is always equal to the sum of
n ones. The natural number sequence is then a linear
sequence. The distance separating the points of consecutive
integers on a number line is a constant one unit. The natural
numbers form a discrete set rather than a continuous set. If a
and b are two natural numbers such that a<b, then there must
exist a natural number c such that a+c=b.

Two important principles applying to any set of positive
integers are:

1. The well-ordering principle — any nonempty subset S
   of nonnegative integers will have a smallest element,
   and so is bounded below. For some integer a in S, we
   will have a<b for all other integers b in S. The set S is
   then considered to be well-ordered.

2. The greatest-integer principle — any nonempty subset
   of positive integers that is bounded above will have a
   largest integer.


Example 1-1

Is the set of all odd integers well-ordered?

Solution:

No, since odd integers can also be negative and so do not
have a smallest element.


1.1 ALGEBRAIC PROPERTIES OF INTEGERS

The algebraic properties of integers are well known and
are summarized in Table 1-1 for the mathematical operations of
addition and multiplication. These operations with integers
produce only integers, and so integers are considered closed for
these operations.

Table 1-1 Integer operations of addition and multiplication.


In Table 1-1 $a, b, c \in Z$, where the symbol $\in$ means belongs
to or is a member of the set of. The operations of subtraction and
division are not included in this table since these operations are
neither associative nor commutative for integers.

An important law applying to all integers is the law of
order. This law states that for $a, b \in Z$, we must have $a < b$,
$a = b$, or $a > b$. If $a > b$ then $a + c > b + c$ and $a \cdot c > b \cdot c$.


1.2 EVEN AND ODD INTEGERS 

Each integer that is exactly divisible by 2 is called an even 
integer. Similarly, each integer that is not so divisible is called 
an odd integer. All even integers are a multiple of 2, whereas 
no odd integers are a multiple of 2. The classification of integers 
as even or odd depends on their relation with the number 2. All 
even numbers when divided by 2 will have a remainder of 0. 
All odd numbers when divided by 2 will have a remainder of 1. 

Every even integer a must have the form $a = 2 \cdot k$ where k
is some integer. Every odd integer a must have the form
$a = 2 \cdot k + 1$ where k is some integer.

Even integers always end with the digit 0, 2, 4, 6, or 8. Odd
integers always end with the digit 1, 3, 5, 7, or 9. Beginning
with any even integer in the natural number sequence, every
other number is an even integer. Beginning with any odd
integer in the natural number sequence, every other number is
an odd integer. Some properties of mathematical operations
with even and odd integers are:

1. The sum or difference of any two even integers is even.
2. The sum or difference of any two odd integers is even.
3. The sum or difference of an even integer and an odd
   integer is odd.
4. The product of any two even integers is even.
5. The product of any two odd integers is odd.
6. The product of an even and an odd integer is even.
7. The square of an even integer is even and the square of
   an odd number is odd.


Example 1.2-1

Show that the sum or difference of any two odd integers is
even.

Solution:

If a is an odd integer, it must have the form $a = 2 \cdot k + 1$ where
k is some integer. The sum of two odd integers is then:

$$(2 \cdot k_1 + 1) + (2 \cdot k_2 + 1) = 2 \cdot k_1 + 2 \cdot k_2 + 2 = 2 \cdot (k_1 + k_2 + 1)$$

which is even since it is divisible by 2. The difference of two
odd integers is:

$$(2 \cdot k_1 + 1) - (2 \cdot k_2 + 1) = 2 \cdot k_1 - 2 \cdot k_2 = 2 \cdot (k_1 - k_2)$$

which is even since it is divisible by 2.


Example 1.2-2

Show that the product of any two odd integers is odd.

Solution:

If a is an odd integer, it must have the form $a = 2 \cdot k + 1$ where
k is some integer. The product of two odd integers is then:

$$(2 \cdot k_1 + 1) \cdot (2 \cdot k_2 + 1) = 4 \cdot k_1 \cdot k_2 + 2 \cdot k_1 + 2 \cdot k_2 + 1 = 2 \cdot (2 \cdot k_1 \cdot k_2 + k_1 + k_2) + 1$$

which is an odd integer since it is not divisible by 2.


Example 1.2-3

Show that if a>3 is an odd integer, then $(a^2 - 1)/4$ is an
integer.

Solution:

Since a is an odd integer, it must have the form $a = 2 \cdot k + 1$
where k is some integer. Therefore we have:

$$\frac{a^2 - 1}{4} = \frac{(2 \cdot k + 1)^2 - 1}{4} = \frac{4 \cdot k^2 + 4 \cdot k}{4} = k^2 + k$$

which is an integer.


Example 1.2-4

Show that the sum of the two integers $a^2$ and a is even.

Solution:

$$a^2 + a = a \cdot (a + 1)$$

Since every other integer in the natural number sequence is
even, either a or a+1 must be even and the other must be
odd. The product of an even and an odd number is always
even and so $a^2 + a$ is even.


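If an integer a is odd, then for some $k \in Z$ we will have either
$a = 4 \cdot k + 1$ or $a = 4 \cdot k + 3$.

Proof:

Since a is odd we have $a = 2 \cdot j + 1$ for some j.

If j is even, we have $j = 2 \cdot k$ and so:

$$a = 2 \cdot 2 \cdot k + 1 = 4 \cdot k + 1 \tag{1.2-1}$$

If j is odd, we have $j = 2 \cdot k + 1$ and so:

$$a = 2 \cdot (2 \cdot k + 1) + 1 = 4 \cdot k + 3 \tag{1.2-2}$$

Note that the symbol ■ signifies the end of a proof in this book.

If a and b are odd integers having the form $4 \cdot k + 1$ where
$k \in Z$, then their product $a \cdot b$ also has the form $4 \cdot k + 1$.

Proof:

Let:

$$a = 4 \cdot k_1 + 1 \tag{1.2-3}$$

$$b = 4 \cdot k_2 + 1 \tag{1.2-4}$$

Then:

$$a \cdot b = (4 \cdot k_1 + 1) \cdot (4 \cdot k_2 + 1) = 16 \cdot k_1 \cdot k_2 + 4 \cdot k_1 + 4 \cdot k_2 + 1 \tag{1.2-5}$$

or

$$a \cdot b = 4 \cdot (4 \cdot k_1 \cdot k_2 + k_1 + k_2) + 1 \tag{1.2-6}$$

Letting:

$$k = 4 \cdot k_1 \cdot k_2 + k_1 + k_2 \tag{1.2-7}$$

We have:

$$a \cdot b = 4 \cdot k + 1 \tag{1.2-8}$$

■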


1.3 DEFINITION OF PRIME NUMBERS

Every positive integer (natural number) is either a prime
number or a nonprime number. The definition of a prime
number can be obtained by considering the set L of logarithms
(base e) of natural numbers whose logarithms are each greater
than zero:

$$L = \{\ln 2, \ln 3, \ln 4, \ln 5, \ln 6, \ln 7, \ln 8, \ldots, \ln n\} \tag{1.3-1}$$

A prime number can be defined as any positive integer a
such that $\ln a$ is positive and is not equal to the sum of any
two or more elements in the set L. Prime numbers constitute
a logarithmic set of numbers.

The set of all prime numbers is denoted by P. The first few
numbers in the set L that are logarithms of numbers in the set
P are: $\ln 2$, $\ln 3$, $\ln 5$, and $\ln 7$.

Note that the number 1 is not included in the set (1.3-1)
since its logarithm is not positive. Therefore the number 1 is not
a prime number. If a is a prime number, then a cannot be
represented as the product of two or more positive integers,
each of which is greater than one.

The definition of a prime number generally found in 
textbooks is not that given above. Rather a prime number is 
defined as any positive integer greater than 1 that can be 
exactly divided by only two positive integers: 1 and itself. 
This definition has the disadvantage of not providing a good
rationale why the number 1 should not be considered a prime
number. In all other respects, however, it can be seen that the
two definitions of prime numbers given above are equivalent.

A prime number will then always be the product of only
two integers: 1 and itself. A prime number is never equal to the
product of two or more prime numbers. Euclid in Book VII of
The Elements (Definition 11) defined a prime number to be “that
which is measured by a unit alone.” That is, a prime number has
no factor smaller than itself except the number 1. A prime
number is also referred to as a prime, and the property a
number has of being prime is referred to as primality.

If a positive integer a is a nonprime number greater than
1, $\ln a$ can always be obtained by summing the logarithms of
some prime numbers. If a is a nonprime number greater than 1, 
therefore, a is equal to the product of two or more prime 
numbers that are each less than a. This is the reason nonprime 
integers are referred to as composite numbers, with the 
number 1 being the sole exception. The number 1 is neither 
prime nor composite. 

Note that 2 is the only even prime number, and so 2 is the 
only even number that can be divided exactly by just two 
integers, 1 and itself. All even numbers greater than 2 have the 
number 2 and at least one other prime number as factors, and 
so are composite. 

Similarly, all numbers larger than 5 that end in 5 have at 
least two prime numbers as factors (one of which is 5), and so 
are composite. This means that all prime numbers greater than 
5 end in 1, 3, 7, or 9. This is a necessary condition for a number 
to be prime, but it is not a sufficient condition. 

Prime numbers less than 1000 are given in Table 1-2, and
prime numbers less than 10000 are given in Appendix D. Many
more than 10000 prime numbers have been determined (see the
various prime number lists to be found on the internet).

 79 |  83 |  89 |  97 | 101 | 103 | 107
151 | 157 | 163 | 167 | 173 | 179 | 181
397 | 401 | 409 | 419 | 421 | 431 | 433
479 | 487 | 491 | 499 | 503 | 509 | 521
577 | 587 | 593 | 599 | 601 | 607 | 613

Table 1-2 Prime numbers less than 1000.


Although the occurrence of prime numbers along the
number line is not linear, it is also not random. Nevertheless, no
equation has ever been discovered that fully describes the
observed pattern of primes along the number line. Exactly
where the next prime will appear along the number line cannot
now be accurately predicted. Prime numbers are observed to
become scarcer along the number line as the numbers increase,
but they never disappear completely from the line; the number
of primes is infinite (see Section 1.8).


Example 1.3-1

Show that 2 and 3 are the only two consecutive integers that
are prime numbers.

Solution:

Let a and a+1 be any two consecutive integers. Then one of
these integers must be odd and the other even. The only even
prime number divisible by 2 is 2, and so the even integer
cannot be a prime number unless it equals 2. The only two
consecutive integers that are prime numbers are then 2 and 3.

Example 1.3-2

Show that 2, 3, 5, and 7 are prime numbers while 4, 6, 8, and 9
are composite numbers.

Solution:

2, 3, 5, and 7 are prime numbers since no two or more
logarithms in the sequence L when added together equal the
logarithm of any of them.

4, 6, 8, and 9 are composite numbers since the logarithms of
each of these numbers can be obtained by summing the
logarithms of some prime numbers:

$$\ln 4 = \ln 2 + \ln 2 = \ln(2 \cdot 2)$$
$$\ln 6 = \ln 2 + \ln 3 = \ln(2 \cdot 3)$$
$$\ln 8 = \ln 2 + \ln 2 + \ln 2 = \ln(2 \cdot 2 \cdot 2)$$
$$\ln 9 = \ln 3 + \ln 3 = \ln(3 \cdot 3)$$


1.4 PRIME FACTORIZATION OF INTEGERS

All composite numbers can be broken down into factors. If
any of these factors are composite, they can, in turn, be broken
down into factors. This process can continue until all the factors
of the original composite number are prime numbers. We see
then that all factors of a composite number can ultimately be
broken down to prime numbers. The resulting factors are
known as the prime factorization of the number. The prime
factorization of a number never includes 1 as a factor since 1 is
not considered a prime number.

A composite number a, in addition to having the divisors
1 and a, will always have other divisors less than a but greater
than 1. The logarithm of a composite number is always equal to
the sum of the logarithms of two or more prime numbers.


Example 1.4-1

Determine the prime factorization of:

1. 60
2. 61
3. 62
4. 63

Solution:

1. The prime factorization of 60 is: $60 = 6 \cdot 10 = 2^2 \cdot 3 \cdot 5$
2. The prime factorization of 61 is: $61$
3. The prime factorization of 62 is: $62 = 2 \cdot 31$
4. The prime factorization of 63 is: $63 = 7 \cdot 9 = 3^2 \cdot 7$


We will now prove several propositions related to the
prime factorization of integers.

Any composite number can be decomposed into factors that are
all prime numbers.

Proof:

We begin by assuming the proposition to be false. We will
then show that this assumption leads to a contradiction and so
cannot be correct. Verifying a proposition using this method is
known as proof by contradiction, as indirect proof, and as
reductio ad absurdum (see Appendix B).

Seeking a contradiction, we will assume composite
numbers exist that cannot be broken down into the product of
prime numbers. We will let a be the smallest such composite
number. Since a is a composite number, we nevertheless must
have:

$$a = b \cdot c \tag{1.4-1}$$

where the integers b and c are both factors of a, and where
$1 < b < a$ and $1 < c < a$. Since a is the smallest number that
cannot be written as the product of prime factors, both b and c
can be written as products of prime numbers. Since a is simply
the product of b and c, this means that a can also be written as
the product of primes. Therefore our assumption was wrong,
and so all composite numbers can be written as the product of
prime factors. Any natural number is then either a prime
number or can be decomposed into factors that are all prime
numbers. ■


From Proposition 1.4-1, we see that prime numbers
function as the basic building blocks of a number system. All
positive integers that are not prime numbers can be
decomposed into prime number factors.

Table 1-3 Prime factors.

The prime number factors for $n \in N$ are given in Table 1-3
for 1<n<20, and in Appendix E for 1<n<1000. The set of
prime number factors for any given composite number is
unique to that number, as we will show in Section 1.6.


Every integer a>1 has a prime factor.

Proof:

If a is a prime number, by definition its factors are only 1
and itself (a prime number), and so it has a prime factor.

If a is not a prime number, it must be a composite
number. From Proposition 1.4-1 we know that a will then have
prime factors. ■

The following three propositions specify bounds on how
large any factor of a composite number can be.


Any composite number a has factors b and c such that
$a = b \cdot c$ where:

$$1 < b < a \qquad 1 < c < a$$

Proof:

Since a is not prime, we must have $a = b \cdot c$ where b and c
are not equal to either 1 or a. We then have:

$$1 < b \qquad 1 < c \tag{1.4-2}$$

Multiplying by c and b, respectively:

$$c < b \cdot c \qquad b < b \cdot c \tag{1.4-3}$$

or

$$c < a \qquad b < a \tag{1.4-4}$$

Therefore

$$1 < b < a \qquad 1 < c < a \tag{1.4-5}$$

■


Any composite number a has a factor d such that $1 < d \le a^{1/2}$.

Proof:

Since a is composite, from Proposition 1.4-3 we know that
integer factors b and c of a must exist such that:

$$a = b \cdot c \tag{1.4-6}$$

where

$$1 < b < a \qquad 1 < c < a \tag{1.4-7}$$

If both b and c are larger than $a^{1/2}$, we have:

$$a = b \cdot c > a^{1/2} \cdot a^{1/2} = a \tag{1.4-8}$$

which is impossible. Therefore either factor b or c must be
$< a^{1/2}$, or both factors must equal $a^{1/2}$. Denoting a factor that is
$\le a^{1/2}$ as d, we have $1 < d \le a^{1/2}$. ■


Any composite number a has a prime factor $p \le a^{1/2}$.

Proof:

From Proposition 1.4-4 we know that a must have a factor
$1 < d \le a^{1/2}$. From Proposition 1.4-1 we know that d must have a
prime factor. Any prime factor p of d must be $p \le d$. Therefore
$p \le d \le a^{1/2}$. ■

This proposition is the basis of a definitive primality test
for an integer a: that is, a is a prime number if and only if a
is not divisible by any prime number $p \le \sqrt{a}$.


The factors 1 and a of a positive integer a are known as
trivial factors:

$$a = 1 \cdot a \tag{1.4-9}$$

Prime numbers have only trivial factors; prime numbers then
have only a trivial factorization. Composite numbers have
both trivial factors and non-trivial factors.

All factors of a except a itself are known as proper
factors. The smallest proper factor greater than 1 of a composite
number a must be a prime number since this factor cannot be
factored into smaller numbers. As noted above, all factors of a
composite number can be reduced by factoring until only prime
factors remain.


1.5 DETERMINING PRIME NUMBERS

Once the existence and importance of prime numbers were
recognized, the question of how to determine if a given number
was or was not a prime number naturally arose. Early methods
of finding prime numbers included trial division and the sieve
of Eratosthenes.

1.5.1 TRIAL DIVISION

Since prime numbers have no factors other than 1 and the
number itself, one method of determining if an integer a is
prime is by successive divisions of a by all prime numbers
$\le a^{1/2}$ (see Proposition 1.4-5 and Example 1.4-2). This method of
testing for primality is known as trial division. Trial division is
effective for small integers because the number of primes is far
fewer than the number of integers. Historically, trial division
has often been used to find prime numbers that are not too
large. Trial division will not fail to find the prime factors of an
integer. Therefore, if an integer is identified as being prime
using trial division, the identification is a certainty. For very
large integers, trial division can take a long time even using fast
computers.

Since 2 is the only even prime number, all even numbers
greater than 2 must be composite. Therefore only odd integers
need be considered for trial division to determine if a number is
prime. Moreover, since all numbers ending with a 5 have 5 as a
factor, no numbers greater than 5 that end in 5 need be
considered for trial division to determine if a number is prime.
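
The primality test that follows from Proposition 1.4-5 and the trial division shortcuts described above can be written out in Python as follows. This is an added example, not part of the original text; the function names are chosen here for illustration. It divides by odd numbers not ending in 5 rather than by primes only, which gives the same result because a composite divisor can never divide once its prime factors have been removed.

```python
from math import isqrt


def trial_divisors(limit):
    """Yield trial divisors up to limit: 2, 3, 5, then only odd numbers
    that do not end in 5 (everything skipped is a multiple of 2 or 5)."""
    for d in (2, 3, 5):
        if d <= limit:
            yield d
    d = 7
    while d <= limit:
        if d % 10 != 5:
            yield d
        d += 2


def is_prime(a):
    """a is prime if and only if it has no divisor d with 1 < d <= sqrt(a)."""
    if a < 2:
        return False  # 1 is neither prime nor composite
    return all(a % d != 0 for d in trial_divisors(isqrt(a)))


def prime_factorization(a):
    """Return {prime: exponent} for an integer a >= 2 by trial division."""
    if a < 2:
        raise ValueError("only integers a >= 2 have a prime factorization")
    factors = {}
    for d in trial_divisors(isqrt(a)):
        if d * d > a:
            break  # the remaining cofactor has no divisor <= its square root
        while a % d == 0:
            factors[d] = factors.get(d, 0) + 1
            a //= d
    if a > 1:
        # Whatever is left after removing all small factors is itself prime.
        factors[a] = factors.get(a, 0) + 1
    return factors


if __name__ == "__main__":
    # The four integers of Example 1.4-1.
    for n in (60, 61, 62, 63):
        print(n, prime_factorization(n), "prime" if is_prime(n) else "composite")
```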


1.5.2 THE SIEVE OF ERATOSTHENES


An early method of searching for prime numbers was 
developed by Eratosthenes of Cyrene (chief of the library in 
Alexandria) in the third century BC. His method is called the 
sieve of Eratosthenes. 

Eratosthenes demonstrated his method by determining 
the prime numbers in the first 1000 natural numbers. Beginning 
after the first prime number, 2, he eliminated every second 
number in the sequence of natural numbers up to and 
including 1000. These eliminated numbers are all multiples of 2 
and so are divisible by 2 (see the first 100 natural numbers in 
Table 1-4). Therefore they are not prime numbers. 

He then chose the next number that had not been 
eliminated in the sequence, 3, and eliminated every third 
number after 3 (which had not already been eliminated). These 
numbers are divisible by 3 and so are not prime (see Table 1-5). 

Following the same procedure, Eratosthenes worked his
way through the sequence of natural numbers, thus eliminating
all numbers that are multiples of any smaller prime number.
Each prime number considered eliminates a fraction of the
remaining numbers. The final numbers remaining in the sieve
after this elimination process are then guaranteed to be prime
numbers (see Table 1-6).

Note that, because 1 is not a prime factor, it is not included
in the sieving process. To make the sieving process faster, many
improvements have been made to the prime number sieve since
Eratosthenes designed his original one. These changes have
been required to make it practical to search for very large
primes (see Hawkins, 1958; Halberstam and Richert, 1974;
Lehmer, 1980; and Mollin, 2010).


Table 1-4 Eratosthenes' sieve for the first 100 integers. All
multiples of 2 (in black shaded squares) have been eliminated
by falling through the sieve.

Table 1-5 All multiples of 2 and 3 (in black shaded squares)
have been eliminated by falling through the sieve.

Table 1-6 All multiples of numbers that are $\le \sqrt{100}$ (in black
shaded squares) have been eliminated by falling through the
sieve. Remaining numbers in yellow squares are prime
numbers.
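
The sieving passes described in this section can be reproduced with the following Python code, which is an added example and not part of the original text (function names are chosen here for illustration). Besides the primes, it records which prime's pass eliminated each composite, so the intermediate stages shown in Tables 1-4 and 1-5 can be recovered. Each pass starts at the square of the prime, since smaller multiples were already eliminated by a smaller prime.

```python
from math import isqrt


def sieve(n):
    """Sieve of Eratosthenes on 2..n.

    Returns (primes, eliminated_by), where eliminated_by[m] is the prime
    whose pass crossed out the composite m (its smallest prime factor).
    """
    if n < 2:
        raise ValueError("n must be at least 2")
    remaining = [True] * (n + 1)
    remaining[0] = remaining[1] = False  # 1 is not part of the sieving process
    eliminated_by = {}
    # Only primes p <= sqrt(n) need a pass (Proposition 1.4-5).
    for p in range(2, isqrt(n) + 1):
        if not remaining[p]:
            continue  # p was crossed out earlier, so it is composite
        for m in range(p * p, n + 1, p):
            if remaining[m]:
                remaining[m] = False
                eliminated_by[m] = p
    primes = [m for m in range(2, n + 1) if remaining[m]]
    return primes, eliminated_by


def survivors_after(n, sieving_primes):
    """Numbers in 2..n still in the sieve after the passes for the given primes."""
    _, eliminated_by = sieve(n)
    done = set(sieving_primes)
    return [m for m in range(2, n + 1) if eliminated_by.get(m) not in done]


if __name__ == "__main__":
    primes, eliminated_by = sieve(100)
    print("after the pass for 2:      ", len(survivors_after(100, [2])), "numbers remain")
    print("after the passes for 2, 3: ", len(survivors_after(100, [2, 3])), "numbers remain")
    print("after all passes:          ", len(primes), "primes:", primes)
    print("91 was eliminated by", eliminated_by[91])
```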


1.6 UNIQUE FACTORIZATION THEOREM 


The set of prime factors of any given natural number is 
unique to that number, and so this set uniquely describes the 
number. Every natural number then has its own unique set of 
prime factors, and so every natural number has only a single 
prime factorization. This statement is known as the unique 
factorization theorem or the unique prime factorization 
theorem and is considered to be the fundamental theorem of 
arithmetic because of its importance in integer theory (see 
Lindemann, 1933; Nagata, 1957; Greenleaf and Wisner, 1959;
Mullin, 1965; Samuel, 1968; Collison, 1980; and Ağargün and
Özkan, 2001).

While the set of prime factors of any given natural number 
is unique, the order of prime factors within the set is, of course, 
not unique since multiplication of integers is commutative. For 
any given natural number, a change in the order of its prime 
factors is then not considered a different prime factorization. 

The unique factorization theorem has a long history; it 
was known to Euclid in about 300 BCE and is included in his 
Book IX of The Elements (Proposition 14). The first known proof 
of the uniqueness of the prime factorization was provided by 
Gauss (1801) in his Article 16. Euclid stated the unique
factorization theorem as: “If a number be the least that is measured
by prime numbers, it will not be measured by any other prime number
except those originally measuring it.” This theorem can be stated
in more modern terms as follows:


Any natural number a>1 that is not itself a prime number can
be factored uniquely as the product of two or more prime
numbers.


Proof: 

We can verify this proposition using the method of proof 
by contradiction (see Appendix B). We begin by supposing the 
unique factorization theorem to be false. We know, however, 
that the theorem is obviously true for the first few positive 
integers greater than 1 in the natural number sequence given in 
equation (1-2). Therefore, if the theorem is false, some smallest 
number a in the natural number sequence must exist for which 
the unique factorization theorem is not true. This integer a will 
then have more than one prime factorization. Numbers less 
than a will have only one prime factorization. 


One of the factorizations of a can be taken to be:

$$a = p_1 \cdot b \tag{1.6-1}$$

where we are letting $p_1$ be the smallest prime factor of any
decomposition of a. The integer b is then either a prime
number or a composite number. Since a>b, the integer b is
included in that part of the natural number sequence for which
we know the theorem is true. Therefore a unique prime
factorization exists for b. This in turn means that a unique
factorization must exist for a when $p_1$ is a factor.

Because we are supposing the unique factorization
theorem to be false, there must also exist a prime factorization
of a in which $p_1$ does not occur. We can then write:

$$a = p_2 \cdot c \tag{1.6-2}$$

where we are taking the factor $p_2$ to be the smallest prime factor
of this assumed decomposition of a, and where c can be either
a prime number or a composite number. Since we have chosen
$p_2 > p_1$, we must then have $c < b$. Therefore $p_1 \cdot c < a$. We will
now let:

$$a' = a - p_1 \cdot c = (p_2 - p_1) \cdot c \tag{1.6-3}$$

From equation (1.6-3) we see that $a' < a$, and so $a'$ must have a
unique factorization with factors $p_2 - p_1$ and c. From equation
(1.6-1), we know that a is divisible by $p_1$. From equation (1.6-3),
we see that $a'$ is then also divisible by $p_1$. Therefore $p_1$ must
divide either $p_2 - p_1$ or c. However $p_1$ cannot divide c because
all the prime factors in c are greater than $p_1$ (since $p_1$ was
chosen as the smallest prime factor of any decomposition of a).
A prime number can only be divided by itself and 1. Therefore
we are led to the conclusion that $p_1$ must divide $p_2 - p_1$ and so
must divide $p_2$. But this is impossible since $p_2$ is a prime
number distinct from $p_1$. We can conclude then that we were in
error when we supposed the unique factorization theorem to be
false; the theorem must be true. ■


Some of the prime factors of a composite number a can be
identical. The unique factorization theorem can, therefore, be
restated as: Any natural number a>1 that is not itself a prime
number can be factored uniquely as the product of two or more
distinct prime numbers, each raised to some positive power. If a has
n different prime factors $p_i$ with each factor $p_i$ occurring $\alpha_i$
times, we can write:

$$a = p_1^{\alpha_1} \cdot p_2^{\alpha_2} \cdot p_3^{\alpha_3} \cdots p_n^{\alpha_n} = \prod_{i=1}^{n} p_i^{\alpha_i} \tag{1.6-4}$$

where all $p_i$ are distinct and all $\alpha_i$ are positive. This
representation of an integer a is known as the prime
factorization, standard form, prime-power decomposition, or
canonical representation of a. The importance of prime
numbers in number theory is evident from the unique
factorization theorem alone. All positive integers can be
constructed with a unique factorization using only prime
numbers.

Note that the unique factorization theorem would not be
true if the number 1 were considered a prime number. Prime
factorization of a composite number would then not be unique
since the presence or absence of 1 as a factor would result in
different prime factorizations for the same composite number.
For example, 6 can be factored as $6 = 2 \cdot 3$, $6 = 1 \cdot 2 \cdot 3$,
$6 = 1 \cdot 1 \cdot 2 \cdot 3$, etc.


We see that the initial factors $4 \cdot 81$, $9 \cdot 36$, and $6 \cdot 54$
obtained for the three factorizations of 324 given in Example
1.6-1 can all be different since they are not prime factors. We
also see, however, that these composite factors can all be
reduced to prime factors which are the same. The ultimate
factorization of 324 always contains the same prime factors. The
order of the prime factors can change, but the prime factors
themselves are unique to the number 324.

The factorization of a number can be represented by a
diagram known as a factor tree. This type of diagram is an
inverted tree with the number to be factored at the top and the
factors branching out below. Each of the lowest branches of the
tree will end with a prime number. The first two approaches to
factoring 324 given in Example 1.6-1 are diagramed as factor
trees in Figures 1-2 and 1-3.

Figure 1-2 A factor tree for $324 = 4 \cdot 81 = 2^2 \cdot 3^4$.

Figure 1-3 A factor tree for $324 = 9 \cdot 36 = 2^2 \cdot 3^4$.


1.7 MERSENNE PRIMES 


Mersenne numbers $M_p$ are numbers having the form:

$$M_p = 2^p - 1 \tag{1.7-1}$$

where p is a prime number. If a Mersenne number $M_p$ is
prime, it is known as a Mersenne prime after Marin Mersenne,
a French monk who studied such numbers. He conjectured that
numbers having the form $2^p - 1$ where p = 2, 3, 5, 7, 13, 17, 19,
31, 67, 127, and 257 are prime and that all other numbers for
which p<257 are composite. We now know that this is not true
($2^p - 1$ is also prime for p = 61, 89, and 107, and is actually
composite for p = 67 and 257).

If $a^n - 1$ is a prime number where n>1 and a>1, then a=2
and n is a prime number: $2^n - 1$.

Proof:

We can write:

$$a^n - 1 = (a - 1) \cdot (a^{n-1} + a^{n-2} + \cdots + a + 1) \tag{1.7-2}$$

For $a^n - 1$ to be a prime number, it can have no factors other
than itself and 1. Therefore we must have $a - 1 = 1$ in equation
(1.7-2), and so we must have a=2.

If n is a composite number, we can write n in the form of
two integer factors:

$$n = r \cdot s \tag{1.7-3}$$

where r>1 and s>1. We then have:

$$2^n - 1 = 2^{r \cdot s} - 1 = (2^r - 1) \cdot (2^{r(s-1)} + 2^{r(s-2)} + \cdots + 2^r + 1) \tag{1.7-4}$$

Since neither of the two factors in equation (1.7-4) equals 1,
$2^n - 1$ cannot be a prime number if n is a composite number.
Therefore n must be a prime number for $a^n - 1$ to be a prime
number.

Most of the largest prime numbers known today have
been discovered in the process of searching for Mersenne
primes. Some of these prime numbers have millions of digits.
The first 15 Mersenne numbers are listed in Table 1-7. Finally,
note that the converse of Proposition 1.7-1 is not true. If n is
prime, $2^n - 1$ may not be prime as can be seen from Table 1-7.



Table 1-7 First 15 Mersenne numbers.
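
The statements of this section can be checked numerically with the Python code below, an added example that is not part of the original text. It uses the Lucas-Lehmer test, which this chapter does not cover, to decide which $M_p$ with p up to 257 are prime, compares the result with Mersenne's conjectured list, and also returns the factor $2^r - 1$ of equation (1.7-4) for a composite exponent; all function names are chosen here for illustration.

```python
from math import isqrt

# The exponents Mersenne conjectured to give primes, as quoted in the text.
MERSENNE_CONJECTURE = [2, 3, 5, 7, 13, 17, 19, 31, 67, 127, 257]


def lucas_lehmer(p):
    """True if M_p = 2**p - 1 is prime; p must itself be a prime number.

    For odd p: start from s = 4 and repeat s -> s*s - 2 (mod M_p)
    p - 2 times; M_p is prime exactly when the final s is 0.
    """
    if p == 2:
        return True  # M_2 = 3; the recurrence applies to odd p only
    m = (1 << p) - 1
    s = 4
    for _ in range(p - 2):
        s = (s * s - 2) % m
    return s == 0


def primes_up_to(limit):
    """Primes <= limit by trial division (the exponents here are small)."""
    return [n for n in range(2, limit + 1)
            if all(n % d for d in range(2, isqrt(n) + 1))]


def mersenne_prime_exponents(limit):
    """All primes p <= limit for which 2**p - 1 is prime."""
    return [p for p in primes_up_to(limit) if lucas_lehmer(p)]


def algebraic_factor(n):
    """For composite n = r*s return the factor 2**r - 1 of 2**n - 1 from
    equation (1.7-4), using the smallest r > 1; return None if n is prime."""
    for r in range(2, isqrt(n) + 1):
        if n % r == 0:
            return (1 << r) - 1
    return None


if __name__ == "__main__":
    actual = mersenne_prime_exponents(257)
    print("M_p is prime for p =", actual)
    print("missing from the conjecture:", sorted(set(actual) - set(MERSENNE_CONJECTURE)))
    print("wrongly included:           ", sorted(set(MERSENNE_CONJECTURE) - set(actual)))
    print("2**15 - 1 is divisible by", algebraic_factor(15))
```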

1.8 INFINITE NUMBER OF PRIME NUMBERS

In the continuous sequence of positive integers, the
number of prime numbers encountered becomes fewer and
fewer the farther along the sequence we look. Since 2 is the only
even prime, we do know that all the other primes in the
sequence will be odd. We also know that prime numbers
consisting of more than one hundred digits exist.

At the same time, no regular pattern for the location of 
prime numbers within the positive integer sequence has ever 
been detected. No general formula for calculating the next 
prime number has ever been found. This raises the question 
whether, after some point in the positive number sequence, 
there might simply be no more prime numbers. 

The first person known to have addressed and answered 
this question was Euclid around 300 BCE in Book IX of The 
Elements (Proposition 20). In his book he proves that the 
number of prime numbers is infinite. His Proposition 20 states: 
“Prime numbers are more than any assigned multitude of prime 
numbers.” Euclid’s approach to mathematical problems was 
always through geometry. To solve this problem, he used
straight lines having length equal to some multiple of a unit
length. We will now restate his proof in terms of algebra.


The number of prime numbers is infinite. 


Proof: 

We will consider any given finite set P of prime numbers:
$P = \{p_1, p_2, p_3, \ldots, p_k\}$. Euclid’s proof is then equivalent to
calculating the product of the prime numbers in the set P to
yield an integer a:

$$a = p_1 \cdot p_2 \cdot p_3 \cdot p_4 \cdot p_5 \cdots p_k \tag{1.8-1}$$

where a is obviously a composite number. If p is any one of
the primes in the set P, then p must exactly divide a.

We then add 1 to a to obtain a positive integer b:

$$b = a + 1 = p_1 \cdot p_2 \cdot p_3 \cdot p_4 \cdot p_5 \cdots p_k + 1 \tag{1.8-2}$$

where b is clearly larger than the largest prime in the set P. The
integer b is either a prime number or a composite number.

If b is a prime number, this means that another prime
exists that is not included in the finite set P, since b is larger
than any prime in the set P.

If b is a composite number, then b must be divisible by
some prime number p. However, p cannot be equal to any of
the primes in P, or p could exactly divide both a and b. But
since b=a+1, then p could also exactly divide b−a=1. This is
impossible since no prime number is an exact divisor of the
number 1. Therefore p cannot exactly divide a. This means that
another prime exists that is not included in the finite set P.

For any given finite set of primes, therefore, it is always
possible to find a prime number not in the set. The number of
primes must then be infinite. ■


Euclid’s theorem on the infinitude of primes given in 
Proposition 1.8-1 can be proven in a number of ways other than 
that presented above. For a discussion of some of these 
methods see Perott, 1881; Dickson, 1919; Ftirstenberg, 1955; 
Harris, 1956; Mullin, 1964; Chernoff, 1965; Trigg, 1974; Barnes, 
1976; Mohanty, 1978; Wegener, 1981; Srinivasan, 1984; 
Cosgrave, 1989; Dilcher, 1989; Rubinstein, 1993; Aigner and 
Ziegler, 1998; Hirschhorn, 2002; Aldaz and Bravo, 2003; Cass 
and Wildenberg, 2003; Sengupta, 2005; Kilford, 2006; Saidak, 
2006; Ash and Petersen, 2007; Scimone, 2008; Hardy and 
Woodgold, 2009; Mercer, 2009; Pinasco, 2009; Whang, 2010; 
Cooke, 2011; Pollack, 2011; and Meštrović, 2012.


Example 1.8-1 


Show using Euclid's method that prime numbers exist that
are not included in the sets:

1. $\{2, 3, 5, 7\}$
2. $\{3, 5, 7, 11\}$

Solution:

1. Let $a = 2 \cdot 3 \cdot 5 \cdot 7 = 210$ and $b = a + 1 = 211$. The integer 211
is not divisible by 2, 3, 5, or 7. In fact, 211 is a prime
number that is not in the set $\{2, 3, 5, 7\}$.

2. Let $a = 3 \cdot 5 \cdot 7 \cdot 11 = 1155$ and $b = a + 1 = 1156$. The integer
1156 is not divisible by 3, 5, 7, or 11. However 1156 is
divisible by the prime numbers 2 and 17: $1156 = 2^{2} \cdot 17^{2}$.
Both 2 and 17 are not in the set $\{3, 5, 7, 11\}$.


1.9 THE EULER PRODUCT FORMULA 


The divergent series:

$1 + \frac{1}{2} + \frac{1}{3} + \frac{1}{4} + \frac{1}{5} + \cdots$   (1.9-1)

is known as the harmonic series. Euler (1737) studied series
similar to the harmonic series, but having positive integer
denominators n raised to a positive integer power $s > 1$:

$\zeta(s) = \sum_{n=1}^{\infty} \frac{1}{n^{s}} = 1 + \frac{1}{2^{s}} + \frac{1}{3^{s}} + \frac{1}{4^{s}} + \frac{1}{5^{s}} + \cdots$   (1.9-2)


Such series are known as zeta functions, and they converge to
some finite positive value for all integers $s > 1$. For example,
Euler found that:

$\zeta(2) = 1 + \frac{1}{2^{2}} + \frac{1}{3^{2}} + \frac{1}{4^{2}} + \frac{1}{5^{2}} + \frac{1}{6^{2}} + \cdots = \frac{\pi^{2}}{6}$   (1.9-3)

Euler (1737) also derived the important formula now known as
the Euler product formula (see Derbyshire, 2004):

$\zeta(s) = \sum_{n=1}^{\infty} \frac{1}{n^{s}} = \prod_{p\ \mathrm{prime}} \frac{1}{1 - 1/p^{s}}$   (1.9-4)

where the product is taken over all prime numbers p. This
equation shows that an infinite series involving all positive
integers raised to an integer power is equal to an infinite
product involving only prime numbers raised to the integer
power.

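Euler derived his product formula as follows. Multiplying
$\zeta(s)$ in equation (1.9-2) by $1/2^{s}$, we have:

$\frac{1}{2^{s}} \zeta(s) = \frac{1}{2^{s}} + \frac{1}{4^{s}} + \frac{1}{6^{s}} + \frac{1}{8^{s}} + \cdots$   (1.9-5)

Subtracting equation (1.9-5) from equation (1.9-2), all terms in
equation (1.9-2) having a factor of 2 will be eliminated:

$\left(1 - \frac{1}{2^{s}}\right) \zeta(s) = 1 + \frac{1}{3^{s}} + \frac{1}{5^{s}} + \frac{1}{7^{s}} + \frac{1}{9^{s}} + \cdots$   (1.9-6)

Next, forming the equation:

$\frac{1}{3^{s}} \left(1 - \frac{1}{2^{s}}\right) \zeta(s) = \frac{1}{3^{s}} + \frac{1}{9^{s}} + \frac{1}{15^{s}} + \frac{1}{21^{s}} + \cdots$   (1.9-7)

Subtracting equation (1.9-7) from equation (1.9-6), all terms in
equation (1.9-6) having a factor of 3 will be eliminated:

$\left(1 - \frac{1}{3^{s}}\right) \left(1 - \frac{1}{2^{s}}\right) \zeta(s) = 1 + \frac{1}{5^{s}} + \frac{1}{7^{s}} + \frac{1}{11^{s}} + \cdots$   (1.9-8)

Continuing this process for all primes, we have:

$\cdots \left(1 - \frac{1}{5^{s}}\right) \left(1 - \frac{1}{3^{s}}\right) \left(1 - \frac{1}{2^{s}}\right) \zeta(s) = 1$   (1.9-9)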


and so: 


or 


$\zeta(s) = \sum_{n=1}^{\infty} \frac{1}{n^{s}} = \prod_{p\ \mathrm{prime}} \frac{1}{1 - 1/p^{s}}$   (1.9-11)


1.10 THE RIEMANN ZETA FUNCTION 


The domain of convergence of the series representing $\zeta(s)$
presented in equation (1.9-2) is the half-plane specified by $s > 1$
where s is a real number. Outside this domain, the series in
equation (1.9-2) is not convergent.


1.10.1 DEFINITION OF THE RIEMANN ZETA AND XI FUNCTIONS


Searching for a functional representation of $\zeta(s)$ that is
valid for values of s beyond the domain $s > 1$, Riemann (1859)
considered the function for complex values of s. Equation
(1.9-2) for $\zeta(s)$ then becomes for $s = \sigma + it$:

$\zeta(s) = \sum_{n=1}^{\infty} \frac{1}{n^{s}}$   (1.10-1)

This series is analytic (is differentiable) for $\mathrm{Re}(s) > 1$ (that is
$\sigma > 1$). For the domain $\mathrm{Re}(s) > 1$ the series converges absolutely.
Riemann then used the complex analysis technique of analytic
continuation to develop a new series that extends the domain
of convergence of $\zeta(s)$ to include the entire complex plane
except for a simple pole at $s = 1$. He showed that this analytic
continuation of $\zeta(s)$ can be written in functional form as:

$\zeta(s) = 2^{s} \pi^{s-1} \sin\left(\frac{\pi s}{2}\right) \Gamma(1-s)\, \zeta(1-s)$   (1.10-2)

This function is now known as the Riemann zeta function. In
addition Riemann defined a function known as the Riemann xi
function:

$\xi(s) = \frac{s}{2} (s-1)\, \pi^{-s/2}\, \Gamma\left(\frac{s}{2}\right) \zeta(s)$   (1.10-3)

where $\Gamma(s)$ is the gamma function. From this equation we
have:

$\xi(s) = \xi(1-s)$   (1.10-4)

The Riemann zeta and xi functions provide information about
the distribution of prime numbers.


1.10.2 ZEROS OF THE RIEMANN ZETA FUNCTION 
The roots of the Riemann zeta function are those values of
$s = \sigma + it$ for which $\zeta(s) = 0$. There are no roots for $\sigma > 1$ as can
be seen from the Euler product formula. From equation (1.10-2)
we see that we have $\sin(\pi s/2) = 0$ whenever $s = -2n$ where n
is an integer. At the points $s = -2n$ we will then have $\zeta(s) = 0$.
All such roots occurring at even integer values along the
negative real axis are referred to as trivial zeros. The
designation as trivial is a consequence of these roots being easy
to determine when compared to other roots of $\zeta(s)$. Of course
we also have $\sin(\pi s/2) = 0$ when $s = +2n$, but these zeros are
cancelled by poles of the gamma function $\Gamma(1-s)$.

All non-trivial zeros of $\zeta(s)$ are then confined to the area
$0 < \mathrm{Re}(s) < 1$. This area is in the form of a strip known as the
critical strip which is parallel to the imaginary axis. From
equation (1.10-4) we see that the non-trivial zeros are
symmetrical about the line $\sigma = 1/2$, which is called the critical
line. An infinite number of non-trivial zeros have been proven
to exist in the critical strip, many billions of which have actually
been determined.


1.10.3 THE RIEMANN HYPOTHESIS 

Riemann (1859) proposed that all roots of the Riemann xi 
function are real. From equation (1.10-4) we see that Riemann 
was, in effect, proposing that all non-trivial zeros of the 
Riemann zeta function have a real part $\sigma = 1/2$, and so are
actually on the critical line. This statement is now called the 
Riemann hypothesis. The billions of zeros that have been 
determined so far are, without exception, on the critical line. 

To date the Riemann hypothesis remains an unproven 
proposition. Hilbert (1900) included the Riemann hypothesis in 
a list of the 23 unsolved problems in mathematics to be 
considered in the twentieth century. It remains the greatest 
unsolved problem in pure mathematics. It is important because 
proofs of many other propositions in mathematics assume as 
part of their proof that the Riemann hypothesis is true. The first
five of the zeta zeros are listed in Table 1-8 (see Odlyzko
tables of zeros of the Riemann zeta function on the internet).

Im(s)
14.134725
25.010858
32.935062

Table 1-8 First 5 Riemann zeta function zeros.


1.11 THE NUMBER OF PRIMES 
If x is any given positive real number, the number of
primes less than or equal to x is denoted by $\pi(x)$ where:

$\pi(x) = \sum_{p \le x} 1$   (1.11-1)

and where $p \le x$ represents primes less than or equal to x. For
example, since the first six primes are 2, 3, 5, 7, 11, 13, we have
$\pi(15) = 6$.


Table 1-9 Values of $\pi(x)$ and $x/\ln x$.


In 1798 Legendre proposed that $\pi(x)$ is approximately
equal to $x/\ln x$. This suggests that:

$\lim_{x \to \infty} \frac{\pi(x)}{x/\ln x} = 1$   (1.11-2)

which was proven to be true by J. Hadamard and by C. de la
Vallée Poussin independently in 1896. Equation (1.11-2) is now
known as the Prime Number Theorem. Values of $\pi(x)$ are
given in Table 1-9 for values of x up to 10,000,000.


Integer Operations   $a = q \cdot m + r$


2.1 DIVISORS 


An integer a is said to be divisible by an integer m (with
$m \neq 0$) if m exactly divides a. An integer q will then exist such
that:

$\frac{a}{m} = q$   (2.1-1)

The integer m is a divisor of the dividend a. In number
theory the term ‘divisor’ refers to an integer that exactly
divides the dividend. We will follow this usage. We will also
consider only positive divisors in this book since only such
divisors will be encountered in our review of congruence
theory. In this and following chapters we will have $a, b, c \in \mathbb{Z}$
and $m \in \mathbb{N}$ unless otherwise noted.

From equation (2.1-1) we see that if m exactly divides a,
we must have:

$a = q \cdot m$   (2.1-2)

Conversely, if we have equation (2.1-2), then m must exactly
divide a. Equation (2.1-2) can be considered the definition of
the divisibility of a by m.

The divisor of an integer is always a factor of the integer. If
m is a divisor of a, then m is a factor of a, and a is a multiple
of m. Equation (2.1-2) then provides a factorization of a. Only
if m and q are prime numbers, however, will this be a prime
factorization of a (see Table 2-1).


Table 2-1 Positive divisors of the integers < 20. 


When an integer m is a divisor of an integer a, this fact is
written as $m \mid a$. If m is not a divisor of a, the notation used is
$m \nmid a$. Observe that the notation $m \mid a$ is different from the
notation m/a in four respects:

1. $m \mid a$ denotes that a is being divided by m, while m/a
denotes that m is being divided by a.

2. $m \mid a$ denotes that m divides a evenly without leaving
a remainder, while m/a is simply a rational number
which may or may not be integral.

3. $m \mid a$ denotes a certain relation existing between m and
a (but does not denote a number), while m/a is a
definite number.

4. $m \mid a$ is either true or false, while m/a always provides
an answer.


If we have a/m where $m \in \mathbb{N}$ and $a \ge m$, but where a is
not necessarily a multiple of m, then it is always possible to
find two integers q and r such that:

$a = q \cdot m + r \qquad 0 \le r < m$   (2.1-3)

Equation (2.1-3) is known as the division algorithm, and the
existence of q and r is proven in Proposition 2.1-4. An
algorithm is a systematic procedure for accomplishing a given
mathematical task in a finite number of successive steps.


Figure 2-1 Integer points on a number line illustrating the
division algorithm. We see that $a = q \cdot m + r$.


In equation (2.1-3) q is an integer known as the quotient
and r is an integer known as the remainder, least positive
remainder, or least residue. The quotient is the greatest integer
obtained by dividing a by m:

$\frac{a}{m} = q + \frac{r}{m} \qquad 0 \le \frac{r}{m} < 1$   (2.1-4)

We see that q is easily determined, and that $q \le a/m < q + 1$.
Therefore a can fall between two multiples of m; that is:
$q \cdot m \le a < (q+1) \cdot m$, as shown in Figure 2-1.

From equation (2.1-3), the remainder r is given by:

$r = a - q \cdot m \qquad 0 \le r < m$   (2.1-5)

The remainder r can take only one of the values $0, 1, 2, \ldots, m-1$.
If m is a divisor of a, then $r = 0$. Once a and m are given, q
and r are uniquely determined.


The divisors (including the number 1) of an integer a that
are less than a are known as aliquot divisors or aliquot parts
of the integer a. Such divisors, which do not include the integer
itself, are also known as proper divisors (the integer a then
becomes the only improper divisor of a). Any integer m that
does not divide an integer a evenly, but leaves a remainder, is
referred to as an aliquant part of the integer a.

All integers are divisors of 0. The divisors 1 and a of an
integer a are known as trivial divisors of a. Prime numbers
have only trivial divisors, while composite numbers have, in
addition, nontrivial divisors.


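Division properties, where $a, b, c \in \mathbb{Z}$ and $a \neq 0$, $b \neq 0$,
$c \neq 0$:

1. $a \mid 0$.
2. $1 \mid a$ and $a \mid a$.
3. If $a \mid b$ and $b \mid c$, then $a \mid c$ (transitivity property).
4. If $a \mid b$ then $a \mid b \cdot c$.
5. If $a \mid b$ then $a \cdot c \mid b \cdot c$ (multiplication property).
6. If $a \mid b$ and $c \mid d$, then $a \cdot c \mid b \cdot d$.
7. If $a \mid b$ then $|a| \le |b|$.
8. If $a \mid b$ and $b \mid a$, then $|a| = |b|$.
9. If $c \mid a$ and $c \mid b$, then $c \mid (a \cdot x + b \cdot y)$ for all $x, y \in \mathbb{Z}$.
10. If $a \cdot b \mid a \cdot c$ then $b \mid c$ (cancellation property).
11. If $c \cdot a = c \cdot b$ then $a = b$.
12. If $a \cdot b \mid c$ then $a \mid c$ and $b \mid c$.
13. If $a \mid b$ and $a \mid (b + c)$ then $a \mid c$.


From property 7 we see that every nonzero integer has
only a finite number of divisors. From property 9 we see that if
$c \mid a$ and $c \mid b$, then $c \mid (a + b)$. Property 3 is proven in Example
2.1-3, Property 7 is proven in Example 2.1-4, Property 9 is
proven in Proposition 2.1-1, and Property 13 is proven in
Example 2.1-5.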


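Example 2.1-3

If $a \mid b$ and $b \mid c$, show that $a \mid c$.

Solution:

Since $a \mid b$ and $b \mid c$, we have: $b = k \cdot a$ and $c = j \cdot b$ where
$j, k \in \mathbb{Z}$. We can then write:

$c = j \cdot b = j \cdot (k \cdot a) = (j \cdot k) \cdot a$

Therefore we have:

$a \mid c$

For example, because $9 \mid 81$ and $81 \mid 162$, we have $9 \mid 162$.


Example 2.1-4

If $a \neq 0$, $b \neq 0$, and $a \mid b$, show that $|a| \le |b|$.

Solution:

Since $a \mid b$, we have $b = k \cdot a$ where $|k| \ge 1$. Therefore:

$|b| = |k \cdot a| = |k| \cdot |a| \ge |a|$

and so:

$|a| \le |b|$


Example 2.1-5

Show that if $a \mid b$ and $a \mid (b + c)$ then $a \mid c$.

Solution:

Since $a \mid b$ and $a \mid (b + c)$ we have:

$b = k \cdot a$
$b + c = j \cdot a$

and so:

$c = j \cdot a - b = j \cdot a - k \cdot a = (j - k) \cdot a$

Therefore $a \mid c$.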


Expressing the natural numbers a and b in terms of their
prime factorizations using equation (1.6-4), we have:

$a = p_1^{\alpha_1} \cdot p_2^{\alpha_2} \cdot p_3^{\alpha_3} \cdots p_n^{\alpha_n} = \prod_{k=1}^{n} p_k^{\alpha_k}$   (2.1-6)

$b = p_1^{\beta_1} \cdot p_2^{\beta_2} \cdot p_3^{\beta_3} \cdots p_n^{\beta_n} = \prod_{k=1}^{n} p_k^{\beta_k}$   (2.1-7)

where, by making some of the exponents zero if necessary, the
same primes appear in the factorization of both a and b.

If $b \mid a$ then all primes in b must also be in a to at least the
same power as they have in b. This is a requirement for a
natural number a to be divisible by a natural number b.


If $c \mid a$ and $c \mid b$, and $x, y \in \mathbb{Z}$, then $c \mid (a \cdot x + b \cdot y)$.


Proof:
We are given:

$a = k \cdot c \qquad b = j \cdot c$   (2.1-8)

where $j, k \in \mathbb{Z}$. We can write:

$a \cdot x + b \cdot y = k \cdot c \cdot x + j \cdot c \cdot y$   (2.1-9)

or

$a \cdot x + b \cdot y = c \cdot (k \cdot x + j \cdot y)$   (2.1-10)

Therefore c is a factor of $a \cdot x + b \cdot y$ and so $c \mid (a \cdot x + b \cdot y)$. ∎


If $p_1$ and $p_2$ are prime numbers, then if and only if $p_1 = p_2$ will
$p_1 \mid p_2$.

Proof:
Since $p_2$ is a prime number, its only factors are 1 and $p_2$.
But $p_1 > 1$ since $p_1$ is a prime number. Therefore $p_1 \mid p_2$ is
possible if and only if $p_1 = p_2$. ∎


If $a > 1$, then some prime number p exists such that $p \mid a$.


Proof:

Follows from Proposition 1.4-2. ∎


2.1.1 THE DIVISION ALGORITHM 
The division algorithm presented in the following
proposition can be considered the basis of congruence theory.


If $a \in \mathbb{Z}$ and $m \in \mathbb{N}$, then there exists a unique pair of integers q
and r such that:

$a = q \cdot m + r \qquad 0 \le r < m$   (2.1-11)


Proof:

If $m \mid a$, then q in equation (2.1-11) is a unique integer and
the remainder $r = 0$. The proposition is then proven.

If $m \nmid a$, a remainder r exists and can be determined with
q steps, in each of which m is subtracted from a. When a least
positive integer r is found such that $0 < r < m$, the steps cease.
The division algorithm $a = q \cdot m + r$ can be seen then to be
equivalent to subtracting m from a until the remainder is less
than m.

To show that such an r and q exist, we will consider the
infinite set S of ordered integers:

$S = \{\ldots, a - 3 \cdot m, a - 2 \cdot m, a - m, a + m, a + 2 \cdot m, \ldots\}$   (2.1-12)

For $a \ge 0$, then $a + m$ is clearly a positive element in S. For
$a < 0$, then $a - a \cdot m = a \cdot (1 - m) \ge 0$ is clearly a positive element
in S. Therefore S must be a nonempty set that includes a subset
of positive integers, and so, by the well-ordering theorem, S
must have a smallest nonnegative element. Let this smallest
nonnegative element be r, where $r = a - q \cdot m$ for some integer
q. The remainder will be $r \ge 0$ and the number of subtractions
will be q.

We also have $r < m$ since, if r were not less than m, then
$a - (q + 1) \cdot m$ would be a smaller nonnegative element of the set
S than r (see Figure 2-1). Moreover, r must be an integer since
$r = a - q \cdot m$ and a, q, and m are all integers.

We can write:

$r - m = a - q \cdot m - m = a - (q + 1) \cdot m < 0$   (2.1-13)

and so:

$r - m < 0$   (2.1-14)

Adding m to both sides of equation (2.1-14) yields $r < m$ and so
we have $0 \le r < m$. The integers q and r as given in equation
(2.1-11) then exist.

We must now show that these values of q and r are
unique. We assume the opposite: that equation (2.1-11) is also
satisfied by some $q_1$ and $r_1$ that are different from q and r. We
then can write:

$a = q \cdot m + r = q_1 \cdot m + r_1$   (2.1-15)

where $0 \le r < m$ and $0 \le r_1 < m$. We can take $r_1 \ge r$ so that:

$0 \le r_1 - r < m$   (2.1-16)

We can rewrite equation (2.1-15) as:

$(q - q_1) \cdot m = r_1 - r$   (2.1-17)

Since m is a factor of $r_1 - r$, we must have $m \mid (r_1 - r)$. For this not
to contradict the uncertainty range for $r_1 - r$ given in equation
(2.1-16), we must have $r = r_1$. Therefore from equation (2.1-17)
we see that we must have:

$q = q_1$   (2.1-18)

and so unique integers q and r exist such that $a = q \cdot m + r$. Both
q and r are uniquely determined by a and m. ∎
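The proof above, turned into code as an added Python example (not from the book): the pair (q, r) is found by stepping through the set S, compared with floor division, and contrasted with the quotient rounded toward zero, which breaks the condition 0 <= r < m for negative a. All function names and the sample values are assumptions made for illustration.

```python
"""Division algorithm: a = q*m + r with 0 <= r < m (equation 2.1-11)."""


def divide_by_stepping(a, m):
    """Walk through the set S of the proof in steps of m until 0 <= r < m."""
    if m < 1:
        raise ValueError("m must be a natural number")
    q, r = 0, a
    while r >= m:          # a >= m: subtract m, one step per unit of q
        r -= m
        q += 1
    while r < 0:           # a < 0: add m instead, so q becomes negative
        r += m
        q -= 1
    return q, r


def divide_floor(a, m):
    """Same pair directly: q is the greatest integer <= a/m (equation 2.1-4)."""
    if m < 1:
        raise ValueError("m must be a natural number")
    q = a // m             # Python's // rounds toward minus infinity
    return q, a - q * m


def divide_truncating(a, m):
    """Quotient rounded toward zero, as integer / and % behave in C, Go,
    Java and Rust. The identity a = q*m + r still holds, but r is negative
    whenever a is negative and m does not divide a."""
    if m < 1:
        raise ValueError("m must be a natural number")
    q = abs(a) // m
    if a < 0:
        q = -q
    return q, a - q * m


def valid_pairs(a, m, span=50):
    """Every (q, r) with a = q*m + r and 0 <= r < m, for q in [-span, span].
    Uniqueness (equations 2.1-15 to 2.1-18) says this list has one entry."""
    return [(q, a - q * m) for q in range(-span, span + 1)
            if 0 <= a - q * m < m]


def odd_remainders_mod_4(divide):
    """Remainders the given rule assigns to the odd integers -21..21
    (Example 2.1-8 expects only 1 and 3)."""
    return {divide(a, 4)[1] for a in range(-21, 22, 2)}


if __name__ == "__main__":
    for a in (17, -17, 20, -20, 0):      # constructed sample inputs
        print(a, divide_by_stepping(a, 5), divide_floor(a, 5),
              divide_truncating(a, 5), valid_pairs(a, 5))
    print(sorted(odd_remainders_mod_4(divide_floor)))
    print(sorted(odd_remainders_mod_4(divide_truncating)))
```

Code that reduces a possibly negative value with a truncating remainder has to add m back to a negative result before using it as a least residue.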


Example 2.1-7

Which remainders r can result when any positive integer is
divided by 4?

Solution:

Since we have $0 \le r < 4$, the only possible values of r are 0, 1,
2, or 3.


Example 2.1-8

Using the division algorithm, show that every odd integer
can be represented by $4 \cdot k + 1$ or $4 \cdot k + 3$ where $k \in \mathbb{Z}$ (see
Proposition 1.2-1).

Solution:

Any integer a divided by 4 will have a remainder r = 0, 1, 2,
or 3. We can write the division algorithm $a = q \cdot m + r$ as
$a = k \cdot 4 + r$:

r = 0:  $a = 4 \cdot k + r = 4 \cdot k$  (even number)
r = 1:  $a = 4 \cdot k + r = 4 \cdot k + 1$  (odd number)
r = 2:  $a = 4 \cdot k + r = 4 \cdot k + 2 = 2 \cdot (2 \cdot k + 1)$  (even number)
r = 3:  $a = 4 \cdot k + r = 4 \cdot k + 3$  (odd number)

Therefore every odd integer can be represented in the form
$4 \cdot k + 1$ or $4 \cdot k + 3$ where k is some integer.


Example 2.1-9

Show that every prime number $p > 2$ can be represented in
the form $4 \cdot k + 1$ or $4 \cdot k + 3$ where $k \in \mathbb{Z}$.

Solution:

From Example 2.1-8 we know that every integer has the form
$4 \cdot k$, $4 \cdot k + 1$, $4 \cdot k + 2$, or $4 \cdot k + 3$. But $4 \cdot k$ and $4 \cdot k + 2$ are
both divisible by 2 and so cannot represent primes $p > 2$.
Therefore all primes $p > 2$ must have the form $4 \cdot k + 1$ or
$4 \cdot k + 3$. Note that the converse is not true. Not all integers
having the form $4 \cdot k + 1$ or $4 \cdot k + 3$ are primes (for example
when $k = 6$ neither $4 \cdot k + 1 = 25$ nor $4 \cdot k + 3 = 27$ are prime).


2.1.2 COMMON DIVISOR 
If $d \mid a$ and $d \mid b$ where $d \in \mathbb{N}$, then d is known as a
common divisor or common factor of a and b. A positive
integer is a common divisor of two or more numbers if it
evenly divides each of the numbers (has remainder $r = 0$). Since
all common divisors of a set of numbers (not all zero) are
bounded above (they must be less than or equal to the smallest
integer in the set), only a finite number of common divisors of a
set can exist. Since 1 divides every integer, 1 is a common
divisor of all integers.


2.1.3 GREATEST COMMON DIVISOR 


The greatest common divisor, highest common divisor or
highest common factor of a set of integers is defined as the
largest positive integer that divides each of the integers in the
set. The greatest common divisor of a set of integers is divisible
by all other common divisors of the set.

The greatest common divisor of two integers a and b (not
both zero) is written as gcd(a,b). If both a and b are zero, then
gcd(0,0)=0 by definition since all integers divide 0, and so
there can be no greatest common divisor of 0. The greatest
divisor of a is a, and since any number is a divisor of 0, we
have gcd(a,0)=a. If $b \mid a$, then gcd(a,b)=b. If two integers a
and b are not both zero, but have no common divisor other
than one, we have gcd(a,b)=1. Euclid in The Elements referred
to the gcd as the greatest common measure.


If a and b are integers and not both zero, then gcd(a,b) exists
and is unique.


Proof:

Any set of two or more integers (not all zero) will always
have a least common positive divisor equal to 1 since 1 divides
all integers. All common positive divisors of a set of two or
more integers (not all zero) will be less than or equal to the absolute
value of the smallest integer in the set. Therefore the number of
common positive divisors of the set is finite but not zero, and so
a greatest common divisor of all the common positive divisors
must exist.

Any two integers a and b (not both zero) will then have:

$\gcd(a,b) \ge 1$   (2.1-19)

Given two integers a and b, the conditions that are necessary
and sufficient for d = gcd(a,b) are:

1. d must be a common divisor of both a and b:

$d \mid a \qquad d \mid b$   (2.1-20)

2. Any other common divisor c of both a and b:

$c \mid a \qquad c \mid b$   (2.1-21)

must be such that $d > c$ so:

$c \mid d$   (2.1-22)

3. We must have: $d > 0$.

To show that the gcd(a,b) is unique, we assume the
opposite; namely, that two gcd(a,b) exist: $d_1 = \gcd(a,b)$ and
$d_2 = \gcd(a,b)$. Then $d_1 \mid a$, $d_1 \mid b$, $d_2 \mid a$, and $d_2 \mid b$. We therefore
have: $d_1 \mid d_2$ and $d_2 \mid d_1$. But this is possible only if $d_1 = d_2$ since
$\gcd(a,b) > 0$. Therefore the gcd(a,b) is unique. ∎


Since the definition of gcd(a, b) is symmetrical in a and b,
we have gcd(a, b) = gcd(b, a).

A straightforward (but not very efficient) method of
finding the gcd of a and b is to list all the prime factors of a
and all the prime factors of b, and then to identify the common
factors present in both lists. The integer whose prime
factorization equals the common prime factors of a and b is
then the gcd(a,b).


Example 2.1-11 
1. Find the gcd(30, 50).

2. Find the gcd(5, 7).

3. Find the gcd(6, 12, 48, 90, 108).


Solution:

1. The factors of 30 are: 1, 2, 3, 5, 6, 10, 15, 30.
The factors of 50 are: 1, 2, 5, 10, 25, 50.
The common divisors of 30 and 50 are then: 1, 2, 5, 10.
Therefore gcd(30, 50)=10. Note that 1, 2, and 5 all divide
10.

2. The factors of 5 are 1, 5, and the factors of 7 are 1, 7.
Therefore gcd(5, 7)=1. The only common divisor of two
distinct prime numbers is 1.

3. gcd(6, 12, 48, 90, 108)=6. We see immediately that the gcd
can be no larger than 6 since 6 is the smallest integer in
the set.


Properties of gcd, where $a, b, c, d \in \mathbb{Z}$ and $k, p \in \mathbb{N}$.

1. $\gcd(a, 1) = 1$

2. $\gcd(a, b) = \gcd(b, a) = \gcd(-a, b) = \gcd(a, -b) = \gcd(-a, -b)$

3. $\gcd(a, 0) = a$

4. $\gcd(a, m \cdot a) = a$

5. If $b \mid a$, then $\gcd(a, b) = b$   (Proposition 2.1-7)

6. If $a \mid c$, $b \mid c$, and $\gcd(a, b) = 1$,
then $a \cdot b \mid c$   (Proposition 2.1-8)

7. If $\gcd(a, b) = d$, then
$\gcd\left(\frac{a}{d}, \frac{b}{d}\right) = 1$   (Proposition 2.1-10)

8. If $c \mid a$ and $c \mid b$, then $c \mid \gcd(a, b)$   (Proposition 2.1-13)

9. $\gcd(a, b) = \gcd(a, q \cdot a + b)$   (Proposition 2.1-14)

10. $\gcd(a, b) = \gcd(b, a - q \cdot b)$   (Proposition 2.1-16)

11. If $c \mid a$ and $c \mid b$, then
$\gcd\left(\frac{a}{c}, \frac{b}{c}\right) = \frac{\gcd(a, b)}{c}$   (Proposition 2.1-17)

12. $\gcd(c, a) \cdot \gcd(c, b) = \gcd(c, a \cdot b)$   (Proposition 2.1-20)

13. If $\gcd(a, b) = 1$ and if $d \mid a \cdot b$,
then $d = \gcd(d, a) \cdot \gcd(d, b)$   (Proposition 2.1-21)

14. $\gcd(k \cdot a, k \cdot b) = k \cdot \gcd(a, b)$   (Proposition 2.1-22)

15. If p is a prime number, then
$\gcd(a, p) = 1$ or $p$   (Proposition 2.3-5)


Additional properties of the gcd are given in Section 2.9. 
Defining min(a,b) to be the minimum of two positive
integers a and b, we have:

$1 \le \gcd(a, b) \le \min(a, b)$.


Proof:

Since 1 divides all integers, we have from equation (2.1-19)
that $\gcd(a,b) \ge 1$. Since the greatest divisor of any integer is the
integer itself, gcd(a,b) must be less than or equal to the smaller
of a and b. Therefore we have:

$1 \le \gcd(a, b) \le \min(a, b)$   (2.1-23)


Solution:

Since we know that:

$1 \le \gcd(91, 9997) \le 91$

we need check only the factors of 91 to find gcd(91, 9997). We
then find:

$\gcd(91, 9997) = 13$


Example 2.1-13

If $\gcd(a, b) = 1$ show that $\gcd(a + b, a - b) = 1$ or 2.

Solution:

Let $d = \gcd(a + b, a - b)$. We then have:

$d \mid (a + b) \qquad d \mid (a - b)$

Therefore:

$d \mid [(a + b) + (a - b)] \qquad d \mid [(a + b) - (a - b)]$

and so:

$d \mid (2 \cdot a) \qquad d \mid (2 \cdot b)$

Since $\gcd(a, b) = 1$, we must have:

$d = \gcd(a + b, a - b) = 1$ if d is odd

$d = \gcd(a + b, a - b) = 2$ if d is even


If $a \neq 0$, and if $b \mid a$, then $\gcd(a, b) = b$.

Proof:

Follows from the definition of gcd. ∎


Proposition 2.1-8:

If $a \mid c$ and $b \mid c$, and if $\gcd(a, b) = 1$, then $a \cdot b \mid c$.

Proof:

We have:

$c = j \cdot a \qquad c = k \cdot b$   (2.1-24)

where j and k are some integers. Therefore:

$j \cdot a = k \cdot b$   (2.1-25)

and so $a \mid k \cdot b$. Since $\gcd(a, b) = 1$, this means we must have
$a \mid k$. Therefore:

$k = l \cdot a$   (2.1-26)

where l is some integer. We then can write:

$c = k \cdot b = l \cdot a \cdot b = l \cdot (a \cdot b)$   (2.1-27)

and so $a \cdot b \mid c$.


The gcd of two integers a and b must be composed only of
prime factors which are common to the prime factorizations of
both a and b. The prime factorization for a and b can be written
as:

(2.1-28)

(2.1-29)

where, by making some of the exponents zero if necessary, the
same primes are used in the factorization of both a and b.

Each prime factor $p_k^{\gamma_k}$ of gcd(a,b) must appear in the
prime factorization of both a (as $p_k^{\alpha_k}$) and b (as $p_k^{\beta_k}$), and its
exponent $\gamma_k$ must be the lesser of the two exponents $\alpha_k$ and $\beta_k$.
The exponent of any given prime factor of gcd(a,b) is then the
lesser of the two exponents which this prime factor has in a
and b. The greatest common divisor of a and b is then given
by the product of all $p_k^{\gamma_k}$ factors common to both a and b:

$\gcd(a, b) = \prod_{k=1}^{n} p_k^{\gamma_k} = \prod_{k=1}^{n} p_k^{\min(\alpha_k, \beta_k)}$   (2.1-30)

where the exponent $\gamma_k = \min(\alpha_k, \beta_k)$ is the minimum value of
the two exponents $\alpha_k$ and $\beta_k$ for the given $p_k$ (see Proposition
2.1-9).


Note that factoring large numbers to obtain their prime 
factorizations is difficult. An easier method of determining the 
gcd of two integers is provided by the Euclidean algorithm (see 
Section 2.5). 


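If $a, b \in \mathbb{Z}$ have the prime factorizations

$a = \prod_{k=1}^{n} p_k^{\alpha_k} \qquad b = \prod_{k=1}^{n} p_k^{\beta_k}$

then the gcd(a,b) has the prime factorization

$\gcd(a, b) = \prod_{k=1}^{n} p_k^{\min(\alpha_k, \beta_k)}$

where $\min(\alpha_k, \beta_k)$ is the minimum value of $\alpha_k$ and $\beta_k$ for the
given $p_k$.


Proof:

(2.1-31)

If and only if $\gamma_k \le \alpha_k$ and $\gamma_k \le \beta_k$ will we have $d \mid a$ and $d \mid b$ so
that d is a common divisor of a and b. If $\gamma_k = \min(\alpha_k, \beta_k)$, then
d must be the gcd(a,b) since all other common divisors are
smaller. ∎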


Example 2.1-14 
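Find:

1. gcd(30, 50).

2. gcd(5738733, 160083).

Solution:

1. $30 = 2^{1} \cdot 3^{1} \cdot 5^{1}$
$50 = 2^{1} \cdot 3^{0} \cdot 5^{2}$
$\gcd(30, 50) = 2^{\min(1,1)} \cdot 3^{\min(1,0)} \cdot 5^{\min(1,2)} = 2^{1} \cdot 3^{0} \cdot 5^{1} = 2 \cdot 5 = 10$

2. $5738733 = 3^{2} \cdot 7^{3} \cdot 11^{1} \cdot 13^{2}$
$160083 = 3^{1} \cdot 7^{2} \cdot 11^{2} \cdot 13^{0}$
$\gcd(5738733, 160083) = 3^{\min(2,1)} \cdot 7^{\min(3,2)} \cdot 11^{\min(1,2)} \cdot 13^{\min(2,0)}$

$\gcd(5738733, 160083) = 3^{1} \cdot 7^{2} \cdot 11^{1} \cdot 13^{0} = 3 \cdot 7^{2} \cdot 11 = 1617$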


If $\gcd(a, b) = d$, then $\gcd\left(\frac{a}{d}, \frac{b}{d}\right) = 1$.


Proof:
We will let:

$c = \gcd(a/d, b/d)$   (2.1-32)

where we must have $c \ge 1$.
From equation (2.1-32) we have $c \mid (a/d)$ and $c \mid (b/d)$, and
so some integers k and j must exist such that:

$c \cdot k = a/d \qquad c \cdot j = b/d$   (2.1-33)

or

$(c \cdot d) \cdot k = a \qquad (c \cdot d) \cdot j = b$   (2.1-34)

Therefore $c \cdot d$ is a common divisor of a and b. But since
$d = \gcd(a, b)$, we must have $c \cdot d \le d$. Therefore $c \le 1$.

Since $c \ge 1$ and $c \le 1$, we can conclude that $c = 1$, and so
$\gcd(a/d, b/d) = 1$. ∎


Example 2.1-15 


Verify Proposition 2.1-10 for gcd(30, 50)=10. 


Solution: 
gcd (30, 50)=10 


since 3 and 5 are both prime numbers. 


An important equation in number theory is Bézout’s
identity, which states that the smallest positive integer that can
be expressed as an integral linear combination of two integers
a and b (not both zero) is gcd(a,b). An integral linear
combination of a and b has the form $a \cdot x + b \cdot y$ where x and y
are both integers. Bézout’s identity is proven in Proposition
2.1-11. Using Bézout’s identity it is possible to prove a number
of propositions, including the following:

1. If $c \mid a$ and $c \mid b$, then $c \mid \gcd(a, b)$.   Proposition 2.1-13

2. If $c \mid a$ and $c \mid b$, then
$\gcd\left(\frac{a}{c}, \frac{b}{c}\right) = \frac{\gcd(a, b)}{c}$.   Proposition 2.1-17

3. $\gcd(a, b) = 1$ if and only if
integers x and y exist such
that $a \cdot x + b \cdot y = 1$.   Proposition 2.1-18

4. If $c \in \mathbb{Z}$, then $c = a \cdot x + b \cdot y$ if
and only if c is a multiple of
gcd(a,b).   Proposition 2.1-19

5. If $a, b, c \in \mathbb{Z}$, then
$\gcd(c, a) \cdot \gcd(c, b) = \gcd(c, a \cdot b)$.   Proposition 2.1-20

6. If $a \mid b \cdot c$ and $\gcd(a, b) = 1$, then
$a \mid c$.   Proposition 2.3-2

7. If $\gcd(a, c) = 1$ and $\gcd(b, c) = 1$,
then $\gcd(a \cdot b, c) = 1$.   Proposition 2.3-3


If $a, b \in \mathbb{Z}$ and a and b are not both zero, and if d = gcd(a,b),
then d is the smallest positive integer that can be expressed as a
linear combination of a and b:

$d = a \cdot x + b \cdot y = \gcd(a, b)$

where $x, y \in \mathbb{Z}$.


Proof: 


First we will show that a positive integer always exists
that can be expressed as a linear combination of a and b such
that $a \cdot x + b \cdot y > 0$ where $x, y \in \mathbb{Z}$. If $a > 0$, then we have, for
example, $a \cdot 1 + b \cdot 0 > 0$. If $a < 0$, then we have $a \cdot (-1) + b \cdot 0 > 0$.
Therefore a positive integer always exists that can be expressed
as a linear combination of a and b.

Let $d'$ be the smallest positive integer that can be written
as an integral linear combination of a and b:

$d' = a \cdot x + b \cdot y$   (2.1-35)

where $x, y \in \mathbb{Z}$. Since $d = \gcd(a, b)$, we have $d \mid a$ and $d \mid b$. From
Proposition 2.1-1 we then have $d \mid (a \cdot x + b \cdot y)$. From equation
(2.1-35) we therefore know that $d \mid d'$, and so $d \le d'$.

From the division algorithm, integers q and r exist such
that:

$a = q \cdot d' + r \qquad 0 \le r < d'$   (2.1-36)

Using equation (2.1-35), we can replace $d'$:

$a = q \cdot (a \cdot x + b \cdot y) + r$   (2.1-37)

We then obtain:

$r = a \cdot (1 - q \cdot x) + b \cdot (-q \cdot y)$   (2.1-38)

which has the form:

$r = a \cdot x' + b \cdot y'$   (2.1-39)

We see that r is also a nonnegative linear combination of
a and b. Since $d'$ is the smallest positive integer that can be
written as an integral linear combination of a and b, and since
$r < d'$, r cannot be positive, and so we must have $r = 0$. From
equation (2.1-36), we therefore have $d' \mid a$. Using a similar
argument, we can obtain $d' \mid b$, and so $d'$ is a common divisor
of a and b. Since $d = \gcd(a, b)$, we see that $d \ge d'$.

Therefore we have $d \le d'$ and $d \ge d'$. We then must have
$d = d'$, and so we can conclude that, if $d = \gcd(a, b)$, then:

$d = a \cdot x + b \cdot y = \gcd(a, b)$   (2.1-40)

In other words, the gcd of two integers can always be expressed
as the integral linear combination of the two integers.
Moreover, the gcd of two integers will always be the smallest
positive integer that can be expressed as an integral linear
combination of these two integers. ∎


The integer coefficients x and y in equation (2.1-40) are
referred to as Bézout coefficients. These coefficients are not
unique for any given a and b. Clearly d, as given in equation
(2.1-40), is unique for any given a and b (see Proposition 2.1-5).
Bézout’s identity was derived by Étienne Bézout (1729) in
connection with his work on polynomials. This identity was
previously known, however, to Bachet de Méziriac (1624).


If $a, b \in \mathbb{Z}$ and a and b are not both zero, and if d = gcd(a,b),
then there exist integers $x, y \in \mathbb{Z}$ such that:

$d = a \cdot x + b \cdot y = \gcd(a, b)$


Proof:

Follows from Bézout’s identity (Proposition 2.1-11). ∎


The following proposition is given in Book X of Euclid’s
The Elements as a porism (corollary) to Proposition 3: “if a
magnitude measure two magnitudes, it will also measure their
greatest common measure.”


Proposition 2.1-13:
If $c \mid a$ and $c \mid b$, then $c \mid \gcd(a, b)$.
Proof:
From Bézout’s identity (Proposition 2.1-11) we have:

$\gcd(a, b) = a \cdot x + b \cdot y$   (2.1-41)

for some integers x and y. Since we have $c \mid a$ and $c \mid b$, we also
have $c \mid (a \cdot x + b \cdot y)$ from Proposition 2.1-1, and so $c \mid \gcd(a, b)$.
∎


$\gcd(a, b) = \gcd(a, q \cdot a + b)$.


Proof:
We will let:

$c = \gcd(a, b) \qquad d = \gcd(a, q \cdot a + b)$   (2.1-42)

Since $c = \gcd(a, b)$, we have $c \mid a$ and $c \mid b$. From Proposition
2.1-1, we see that any common divisor of a and b is also a
divisor of $q \cdot a + b$ and so $c \mid (q \cdot a + b)$. From Proposition 2.1-13,
c is then a divisor of $\gcd(a, q \cdot a + b)$. Therefore $c \mid d$, and so
$c \le d$.

Similarly, since $d = \gcd(a, q \cdot a + b)$, we have $d \mid a$ and
$d \mid (q \cdot a + b)$. Any common divisor of a and $q \cdot a + b$ is also a
divisor of b. We then have $d \mid b$, and so d is a divisor of
gcd(a,b). Therefore $d \mid c$, and so $d \le c$.

Since $c \le d$ and $d \le c$, we must then have $c = d$, and so
$\gcd(a, b) = \gcd(a, q \cdot a + b)$. ∎


Given the division algorithm:

$a = q \cdot m + r \qquad 0 \le r < m$   (2.1-43)

then

$\gcd(a, m) = \gcd(m, r)$   (2.1-44)


Proof:

We will let:

$c = \gcd(a, m) \qquad d = \gcd(m, r)$   (2.1-45)

From $c = \gcd(a, m)$, we have $c \mid a$ and $c \mid m$. Since

$r = a - q \cdot m$   (2.1-46)

any common divisor of a and m is also a divisor of r, and so
$c \mid r$. From Proposition 2.1-13, c is then a divisor of gcd(m,r).
This means that $c \mid d$, and so $c \le d$.

From $d = \gcd(m, r)$, we have $d \mid m$ and $d \mid r$. Since

$a = r + q \cdot m$   (2.1-47)

any common divisor of m and r is also a common divisor of a,
and so $d \mid a$. Therefore d is a divisor of gcd(a,m). This means
that $d \mid c$, and so $d \le c$.

Since $c \le d$ and $d \le c$, we must then have $c = d$ and so
$\gcd(a, m) = \gcd(m, r)$. ∎


Since r is smaller than a and m (often much smaller),
finding gcd(m,r) can be much easier than directly finding
gcd(a,m). Moreover the division algorithm can be repeatedly
applied to gcd(m,r), thereby determining even smaller values
of gcd(m,r). This process can greatly facilitate finding the
greatest common divisor gcd(a,m) as is done in the Euclidean
algorithm (see Proposition 2.5-1).


$\gcd(a, m) = \gcd(m, a - q \cdot m)$.


Proof:
This proposition is essentially the same as Proposition
2.1-15. We will let:

$c = \gcd(a, m) \qquad d = \gcd(m, a - q \cdot m)$   (2.1-48)

Since $c = \gcd(a, m)$, we know that $c \mid a$ and $c \mid m$. Any common
divisor of a and m is also a divisor of $a - q \cdot m$. We then have
$c \mid (a - q \cdot m)$, and so from Proposition 2.1-13 c is a divisor of
$\gcd(m, a - q \cdot m)$. Therefore $c \mid d$, and so $c \le d$.

Since $d = \gcd(m, a - q \cdot m)$, then $d \mid m$ and $d \mid (a - q \cdot m)$. Any
common divisor of m and $a - q \cdot m$ is also a divisor of a. We
then have $d \mid a$, and so d is a divisor of gcd(a,m). Therefore
$d \mid c$, and so $d \le c$.

Since $c \le d$ and $d \le c$, we must then have $c = d$, and so
$\gcd(a, m) = \gcd(m, a - q \cdot m)$. ∎


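If $c\mid a$ and $c\mid b$, then:

$$\gcd\left(\frac{a}{c},\frac{b}{c}\right)=\frac{\gcd(a,b)}{c}$$

Proof:

Let:
$$d=\gcd\left(\frac{a}{c},\frac{b}{c}\right) \tag{2.1-49}$$
From Bézout's identity (Proposition 2.1-11) we have:
$$\frac{a}{c}\cdot x+\frac{b}{c}\cdot y=d \tag{2.1-50}$$
or
$$a\cdot x+b\cdot y=c\cdot d \tag{2.1-51}$$

Using Bézout's identity again, we have:

$$a\cdot x+b\cdot y=c\cdot d=\gcd(a,b) \tag{2.1-52}$$
Therefore:
$$d=\frac{\gcd(a,b)}{c} \tag{2.1-53}$$
and so:
$$\gcd\left(\frac{a}{c},\frac{b}{c}\right)=\frac{\gcd(a,b)}{c} \tag{2.1-54}$$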


$\gcd(a,b)=1$ if and only if integers $x$ and $y$ exist such that $a\cdot x+b\cdot y=1$.

Proof:

From Bézout's identity (Proposition 2.1-11), we have:

$$\gcd(a,b)=a\cdot x+b\cdot y \tag{2.1-55}$$

If $a\cdot x+b\cdot y=1$, then by Bézout's identity we must have $\gcd(a,b)=1$ since 1 is the smallest positive integer that can be expressed as a linear combination of $a$ and $b$.

Conversely, if $\gcd(a,b)=1$, then by Bézout's identity there must exist $x$ and $y$ such that $a\cdot x+b\cdot y=1$. ■


An integer $c$ is an integral linear combination of $a$ and $b$ if and only if $c$ is a multiple of $\gcd(a,b)$.

Proof:

Let $d=\gcd(a,b)$. If $c$ is an integral linear combination of $a$ and $b$ such that:

$$c=a\cdot x+b\cdot y \tag{2.1-56}$$
then since $d\mid a$ and $d\mid b$, we must have $d\mid c$, and so $c$ is a multiple of $d=\gcd(a,b)$.

Conversely, if $c$ is a multiple of $d=\gcd(a,b)$ then we have $c=k\cdot d$. From Bézout's identity (Proposition 2.1-11) we obtain:

$$d=\gcd(a,b)=a\cdot x'+b\cdot y' \tag{2.1-57}$$
Therefore we can write:

$$c=k\cdot d=a\cdot(k\cdot x')+b\cdot(k\cdot y') \tag{2.1-58}$$
Letting $x=k\cdot x'$, $y=k\cdot y'$, we have:

$$c=a\cdot x+b\cdot y \tag{2.1-59}$$


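If $a,b,c\in\mathbb{Z}$, then $\gcd(c,a)\cdot\gcd(c,b)=\gcd(c,a\cdot b)$.

Proof:

From Bézout's identity (Proposition 2.1-11) we have:

$$c\cdot x+a\cdot y=\gcd(c,a) \tag{2.1-60}$$

$$c\cdot w+b\cdot z=\gcd(c,b) \tag{2.1-61}$$

and so:

$$(c\cdot x+a\cdot y)\cdot(c\cdot w+b\cdot z)=\gcd(c,a)\cdot\gcd(c,b) \tag{2.1-62}$$
or
$$c\cdot(x\cdot c\cdot w+x\cdot b\cdot z+a\cdot y\cdot w)+a\cdot b\cdot(y\cdot z)=\gcd(c,a)\cdot\gcd(c,b) \tag{2.1-63}$$

Letting $u=x\cdot c\cdot w+x\cdot b\cdot z+a\cdot y\cdot w$ and $v=y\cdot z$, we have:

$$c\cdot u+(a\cdot b)\cdot v=\gcd(c,a)\cdot\gcd(c,b) \tag{2.1-64}$$
Therefore from Bézout's identity again:
$$\gcd(c,a)\cdot\gcd(c,b)=\gcd(c,a\cdot b) \tag{2.1-65}$$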


Proposition 2.1-21:

If $\gcd(a,b)=1$ and if $d\mid a\cdot b$, then $d=\gcd(d,a)\cdot\gcd(d,b)$.

Proof:

Since $\gcd(a,b)=1$ and $d\mid a\cdot b$, we have:

$$d=\gcd(d,a\cdot b) \tag{2.1-66}$$

From Proposition 2.1-20, we then have:
$$d=\gcd(d,a\cdot b)=\gcd(d,a)\cdot\gcd(d,b) \tag{2.1-67}$$


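$\gcd(k\cdot a,k\cdot b)=k\cdot\gcd(a,b)$ where $k\in\mathbb{N}$.

Proof:

Let $d=\gcd(a,b)$ and $d'=\gcd(k\cdot a,k\cdot b)$. From Bézout's identity (Proposition 2.1-11) we have:

$$a\cdot x+b\cdot y=d=\gcd(a,b) \tag{2.1-68}$$
Multiplying by $k$:
$$(k\cdot a)\cdot x+(k\cdot b)\cdot y=k\cdot d=k\cdot\gcd(a,b) \tag{2.1-69}$$
Since $d'\mid k\cdot a$ and $d'\mid k\cdot b$, we have $d'\mid k\cdot d$.

From Bézout's identity we can also write:
$$(k\cdot a)\cdot x'+(k\cdot b)\cdot y'=d'=\gcd(k\cdot a,k\cdot b) \tag{2.1-70}$$

Since $d\mid a$ and $d\mid b$, we have $k\cdot d\mid[(k\cdot a)\cdot x'+(k\cdot b)\cdot y']$. Therefore $k\cdot d\mid d'$. Since $d'\mid k\cdot d$ and $k\cdot d\mid d'$, we have $d'=k\cdot d$, or

$$\gcd(k\cdot a,k\cdot b)=k\cdot\gcd(a,b) \tag{2.1-71}$$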


If $\gcd(a,b)=a\cdot x+b\cdot y$, then $\gcd(x,y)=1$.

Proof:

Let $\gcd(x,y)=d$. Since $d\mid x$ and $d\mid y$, we can then write $x=d\cdot x'$ and $y=d\cdot y'$. Therefore:

$$\gcd(a,b)=a\cdot x+b\cdot y=(a\cdot d)\cdot x'+(b\cdot d)\cdot y' \tag{2.1-72}$$
or

$$\gcd(a,b)=\gcd(a\cdot d,b\cdot d) \tag{2.1-73}$$
From Proposition 2.1-22, we then have:

$$\gcd(a,b)=d\cdot\gcd(a,b) \tag{2.1-74}$$

which cannot be correct unless $d=1$, and so we must have $\gcd(x,y)=1$. ■


If $\gcd(a,b)=1$ and $\gcd(a,k\cdot b)=d$, then $d\mid k$.

Proof:

From Bézout's identity (Proposition 2.1-11) we have:

$$a\cdot x+b\cdot y=1 \tag{2.1-75}$$
Multiplying by $k$:
$$k\cdot a\cdot x+k\cdot b\cdot y=k \tag{2.1-76}$$

Since $d\mid a$ and $d\mid k\cdot b$, the left side of equation (2.1-76) is divisible by $d$. Therefore the right side of this equation must also be divisible by $d$ and so we have $d\mid k$. ■


Proposition 2.1-25:

If $a_1,a_2,\ldots,a_n$ are nonzero integers where $n\ge 3$, then

$$\gcd(a_1,a_2,\ldots,a_n)=\gcd(\gcd(a_1,a_2,\ldots,a_{n-1}),a_n).$$

Proof:

We will let:
$$d=\gcd(a_1,a_2,\ldots,a_n) \tag{2.1-77}$$
$$d'=\gcd(\gcd(a_1,a_2,\ldots,a_{n-1}),a_n) \tag{2.1-78}$$

Since we have $d\mid a_i$ for $i=1,2,\ldots,n$, by Proposition 2.1-13 we have $d\mid\gcd(a_1,a_2,\ldots,a_{n-1})$. We also have $d\mid a_n$, and so $d\mid d'$.

Since we have $d'\mid\gcd(a_1,a_2,\ldots,a_{n-1})$ and $d'\mid a_n$, then $d'\mid a_i$ for $i=1,2,\ldots,n$, and so, by Proposition 2.1-13, $d'\mid d$.

Since $d\mid d'$ and $d'\mid d$, we must have $d=d'$. Therefore

$$\gcd(a_1,a_2,\ldots,a_n)=\gcd(\gcd(a_1,a_2,\ldots,a_{n-1}),a_n) \tag{2.1-79}$$


Using Proposition 2.1-25 it is possible to determine the greatest common divisor of a set of integers by first splitting the set into subsets and determining the greatest common divisors of the subsets (see Example 2.1-19).


Example 2.1-19

Evaluate $\gcd(14,28,56,91,105)$ using Proposition 2.1-25.

Solution:

$$\gcd(14,28,56,91,105)=\gcd(\gcd(\gcd(14,28,56),91),105)$$
or:
$$\gcd(14,28,56,91,105)=\gcd(\gcd(14,91),105)$$
and so:
$$\gcd(14,28,56,84,91,105)=\gcd(7,105)=7$$

2.2 GREATEST INTEGER FUNCTION

From the division algorithm $a=q\cdot m+r$ we have:
$$\frac{a}{m}=q+\frac{r}{m} \tag{2.2-1}$$
and, as noted in Section 2.1, $q$ can be defined as the greatest integer resulting from the division of $a$ by $m$.

The greatest integer of a number $x\in\mathbb{Z}$ is represented by the notation $\operatorname{int}(x)$ or by the notation $\lfloor x\rfloor$. A function:
$$f(x)=\lfloor x\rfloor \tag{2.2-2}$$
is known as the greatest integer function or as the ceiling function.

From equation (2.2-1) we have:

(2.2-3)

or

(2.2-4)

Example 2.2-1

If $a$ is an odd integer, what does E equal?

Solution:

Since $a$ is odd we have:

where $k\in\mathbb{Z}$. Therefore:

Since


Example 2.2-2 
If a is an odd integer, show that = 2 eae 


Solution:

Since $a$ is odd we have:
$$a=2\cdot k+1$$
where $k\in\mathbb{Z}$. Therefore:


a |_|(2ek+l) |_| 40k? +4ek4+1 
AVS ae 8 4 


Since 


=k? +k=ke(k+1) 


2.3 RELATIVELY PRIME

Two integers $a$ and $b$ (not both zero) are designated as relatively prime, coprime, or prime to each other if they have no common divisor greater than 1. We will then have $\gcd(a,b)=1$ since all integers have a common factor of 1. This means, of course, that if two integers $a$ and $b$ are relatively prime, their prime factorizations will have no primes in common. Euclid in Book VII of The Elements (Definition 12) noted that numbers which are “prime to one another are those which are measured by a unit alone as a common measure.” Two integers $a$ and $b$ can be relatively prime to each other although neither $a$ nor $b$ is a prime number.

A set of integers $\{a_1,a_2,a_3,\ldots,a_n\}$ is designated as mutually relatively prime if $\gcd(a_1,a_2,a_3,\ldots,a_n)=1$. That is, if the integers of a set are mutually relatively prime, these integers will have no common factor other than 1. Therefore no one prime number will appear in the prime factorizations of all integers in the set.

A set of integers $\{a_1,a_2,a_3,\ldots,a_n\}$ is designated as pairwise relatively prime if $\gcd(a_i,a_j)=1$ for every $i\ne j$. That is, a set of integers is pairwise relatively prime if no two of them have a common factor greater than 1. Therefore no prime number appears in the prime factorizations of any two integers in the set. If the integers of a set are pairwise relatively prime, these integers will also be mutually relatively prime (see Example 2.3-1).

Two different prime numbers will, of course, always be relatively prime. The number 1 and any integer $a$ are always relatively prime since $\gcd(1,a)=1$. If any two integers $a$ and $b$ are divided by $d=\gcd(a,b)$, then by Proposition 2.1-10 we know that $a/d$ and $b/d$ will always be relatively prime.
Example 2.3-1

Are the following numbers relatively prime?
1. The numbers 8, 9, and 10.
2. The numbers 8, 9, 11, and 13.
3. The numbers 8, 10, and 12.

Solution:

1. 8, 9 and 10 are mutually relatively prime since there is no factor common to all three numbers. We then have $\gcd(8,9,10)=1$. Note that 8, 9 and 10 are not pairwise relatively prime since $\gcd(8,10)=2$.

2. 8, 9, 11, and 13 are mutually relatively prime and also pairwise relatively prime. Any two of the numbers are relatively prime since no two of the numbers have any common factor greater than 1.

3. 8, 10, and 12 are not relatively prime. The common factor for all three numbers is 2: $\gcd(8,10,12)=2$.
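The distinction drawn in Example 2.3-1, together with the folding rule of Proposition 2.1-25, can be checked mechanically. The following Python sketch is an added example, not taken from the book; the function names `gcd_many`, `shared_factor_pairs` and `classify` are chosen here for illustration.

```python
from functools import reduce
from itertools import combinations
from math import gcd


def gcd_many(values):
    """gcd(a_1, ..., a_n) folded two at a time, as in Proposition 2.1-25."""
    values = list(values)
    if len(values) < 2 or any(v == 0 for v in values):
        raise ValueError("need at least two nonzero integers")
    return reduce(gcd, values)


def shared_factor_pairs(values):
    """All (a_i, a_j, gcd) with i != j whose gcd is greater than 1."""
    return [(a, b, gcd(a, b))
            for a, b in combinations(values, 2)
            if gcd(a, b) > 1]


def classify(values):
    """Return (kind, overall_gcd, offending_pairs) for a set of integers.

    kind is 'pairwise' (which implies mutually relatively prime),
    'mutual' (mutually but not pairwise relatively prime), or
    'not relatively prime' (a factor > 1 is common to every member).
    """
    values = list(values)
    overall = gcd_many(values)
    pairs = shared_factor_pairs(values)
    if not pairs:
        kind = "pairwise"
    elif overall == 1:
        kind = "mutual"
    else:
        kind = "not relatively prime"
    return kind, overall, pairs


if __name__ == "__main__":
    # The three sets of Example 2.3-1.
    for numbers in ([8, 9, 10], [8, 9, 11, 13], [8, 10, 12]):
        kind, overall, pairs = classify(numbers)
        print(numbers, "->", kind, "| gcd of set =", overall,
              "| pairs sharing a factor:", pairs)

    # Example 2.1-19: the gcd of the whole set equals the gcd of the
    # gcds of its subsets.
    whole = gcd_many([14, 28, 56, 91, 105])
    split = gcd(gcd_many([14, 28, 56]), gcd_many([91, 105]))
    print("gcd(14, 28, 56, 91, 105) =", whole, "| via subsets =", split)
```

The list of offending pairs shows why a set such as 8, 9, 10 passes the mutual test while failing the pairwise one.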


The process of reducing fractions to their lowest terms always results in the numerator and denominator of a fraction being relatively prime to each other. If $c=\gcd(a,b)$, then the fraction $a/b$ can be reduced:

$$\frac{a}{b}=\frac{n\cdot c}{m\cdot c}=\frac{n}{m} \tag{2.3-1}$$

where $n$ and $m$ have no common factor greater than 1 (all other common factors are included in $c$). Therefore $n$ and $m$ are relatively prime. If two integers are relatively prime, the ratio of the smaller number to the larger number will always be a fraction that is reduced to its lowest terms.


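Example 2.3-2

Find the positive integers $\le 12$ that are relatively prime to 12.

Solution:

If we examine the fractions:
$$\frac{1}{12},\ \frac{2}{12},\ \frac{3}{12},\ \frac{4}{12},\ \frac{5}{12},\ \frac{6}{12},\ \frac{7}{12},\ \frac{8}{12},\ \frac{9}{12},\ \frac{10}{12},\ \frac{11}{12},\ \frac{12}{12}$$
we find that only the fractions:
$$\frac{1}{12},\ \frac{5}{12},\ \frac{7}{12},\ \frac{11}{12}$$
are reduced to their lowest terms. Therefore 1, 5, 7, 11 are relatively prime to 12.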


If $\gcd(a,b)=1$, then $\gcd(a^{\alpha},b^{\beta})=1$.

Proof:

Since $\gcd(a,b)=1$, the integers $a$ and $b$ will have no common factors (divisors) except 1. If $a$ is raised to the $\alpha$ power and $b$ is raised to the $\beta$ power, the factors of $a$ will all be raised to the $\alpha$ power and the factors of $b$ will all be raised to the $\beta$ power. No new factors will be introduced into $a$ or $b$, however. Therefore we will have $\gcd(a^{\alpha},b^{\beta})=1$. ■


If $a\mid b\cdot c$ and $\gcd(a,b)=1$, then $a\mid c$.

Proof:

Since $\gcd(a,b)=1$, from Bézout's identity (Proposition 2.1-11) we have:
$$a\cdot x+b\cdot y=1 \tag{2.3-2}$$
Multiplying by $c$:
$$a\cdot c\cdot x+(b\cdot c)\cdot y=c \tag{2.3-3}$$
Since $a$ divides $b\cdot c$, we see that $a$ divides the two terms on the left side of this equation and so divides the linear combination of the two terms: $a\cdot c\cdot x+(b\cdot c)\cdot y$. We then must have $a\mid c$. ■


$\gcd(a,b\cdot c)=1$ if and only if $\gcd(a,b)=1$ and $\gcd(a,c)=1$,

and

$\gcd(a\cdot b,c)=1$ if and only if $\gcd(a,c)=1$ and $\gcd(b,c)=1$.

Proof:

Using Proposition 2.1-20 we can write:
$$\gcd(a,b\cdot c)=\gcd(a,b)\cdot\gcd(a,c) \tag{2.3-4}$$
$$\gcd(a\cdot b,c)=\gcd(a,c)\cdot\gcd(b,c) \tag{2.3-5}$$

Since the greatest common divisor is always $\ge 1$, to have $\gcd(a,b\cdot c)=1$ we see from equation (2.3-4) that we must also have both $\gcd(a,b)=1$ and $\gcd(a,c)=1$. Similarly, to have $\gcd(a\cdot b,c)=1$ we see from equation (2.3-5) that we must also have both $\gcd(a,c)=1$ and $\gcd(b,c)=1$.

Conversely, if $\gcd(a,b)=1$ and $\gcd(a,c)=1$, we see from equation (2.3-4) that we must have $\gcd(a,b\cdot c)=1$. Similarly if $\gcd(a,c)=1$ and $\gcd(b,c)=1$, we see from equation (2.3-5) that we must have $\gcd(a\cdot b,c)=1$. ■


We can use Bézout's identity (Proposition 2.1-11) as another way to prove Proposition 2.1-8:

If $a\mid c$ and $b\mid c$, and if $\gcd(a,b)=1$, then $a\cdot b\mid c$.

Proof:

Since $a\mid c$ and $b\mid c$, some integers $k$ and $j$ must exist such that:

$$c=a\cdot k=b\cdot j \tag{2.3-6}$$
From Bézout's identity (Proposition 2.1-11) we also have:

$$a\cdot x+b\cdot y=1 \tag{2.3-7}$$
Multiplying this equation by $c$:

$$c=(a\cdot x+b\cdot y)\cdot c=a\cdot c\cdot x+b\cdot c\cdot y \tag{2.3-8}$$
Using equation (2.3-6):

$$c=a\cdot b\cdot j\cdot x+b\cdot a\cdot k\cdot y \tag{2.3-9}$$
or
$$c=(a\cdot b)\cdot(j\cdot x+k\cdot y) \tag{2.3-10}$$

Therefore $a\cdot b$ is a factor of $c$ and so we have $a\cdot b\mid c$. ■


If $a\mid b\cdot c$ and if $d=\gcd(a,b)$, then $(a/d)\mid c$.

Proof:

Since $a\mid b\cdot c$, we have $(a/d)\mid(b/d)\cdot c$. From Bézout's identity (Proposition 2.1-11) we also have:

$$a\cdot x+b\cdot y=d \tag{2.3-11}$$
Dividing by $d$:
$$\frac{a}{d}\cdot x+\frac{b}{d}\cdot y=1 \tag{2.3-12}$$
Multiplying by $c$:
$$\left[\frac{a}{d}\cdot c\right]\cdot x+\left[\frac{b}{d}\cdot c\right]\cdot y=c \tag{2.3-13}$$

Since $a/d$ divides the two terms in brackets, then from Proposition 2.1-1 we know that $a/d$ divides the left side of equation (2.3-13). Therefore $a/d$ must also divide the right side of this equation, and so we have $(a/d)\mid c$. ■


If $p$ is a prime number, then $\gcd(p,a)=1$ or $\gcd(p,a)=p$.

Proof:

Since the prime $p$ has only 1 and $p$ as divisors, we must have $\gcd(p,a)=1$ (if $p$ is not a factor of $a$) or $\gcd(p,a)=p$ (if $p$ is a factor of $a$). ■


If $\gcd(a,p)=1$ and $\gcd(b,p)=1$, and if $a\cdot p^{j}=b\cdot p^{k}$ where $p$ is a prime number, then $j=k$.

Proof:

We are given:

$$a\cdot p^{j}=b\cdot p^{k} \tag{2.3-14}$$
Suppose $k>j$. We can write:
$$a=b\cdot p^{k-j} \tag{2.3-15}$$

Then $p^{k-j}$ is a factor of $a$, but we have $\gcd(a,p)=1$. This is a contradiction unless $j=k$. ■


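If $a,b\in\mathbb{Z}$ have the prime factorizations

$$a=\prod_{k=1}^{n}p_k^{\alpha_k} \qquad b=\prod_{k=1}^{n}p_k^{\beta_k}$$

so that $\gcd(a,b)$ has the prime factorization

$$\gcd(a,b)=\prod_{k=1}^{n}p_k^{\min(\alpha_k,\beta_k)}$$

then $\gcd(a,b)=1$ if and only if $\alpha_k\cdot\beta_k=0$ for all $k$.

Proof:

We are given:

$$\gcd(a,b)=\prod_{k=1}^{n}p_k^{\min(\alpha_k,\beta_k)} \tag{2.3-16}$$
To have $\gcd(a,b)=1$, we must have:
$$\min(\alpha_k,\beta_k)=0 \tag{2.3-17}$$

for all $k$. Since $\alpha_k\ge 0$, $\beta_k\ge 0$, equation (2.3-17) will be true for each $k$ if and only if either $\alpha_k=0$ or $\beta_k=0$. Therefore we must have $\alpha_k\cdot\beta_k=0$ for all $k$. ■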


Two consecutive integers $a$ and $a+1$ are always relatively prime.

Proof:

Any common divisor of $a$ and $a+1$ must also divide $(a+1)-a=1$. Since only 1 divides 1, we have:

$$\gcd(a,a+1)=1 \tag{2.3-18}$$

Therefore two consecutive integers $a$ and $a+1$ are always relatively prime. ■


If $\gcd(a,b)=1$ and $c\mid a$, then $\gcd(c,b)=1$.

Proof:

Let $d=\gcd(c,b)$. Then $d\mid c$ and $d\mid b$. We are given $c\mid a$ and so $d\mid a$. Therefore $d$ is a common divisor of $a$ and $b$. Because $\gcd(a,b)=1$, we must then have $d=1$, and so $\gcd(c,b)=1$. ■


If $\gcd(a,b)=1$, $\gcd(b,c)=1$, and $\gcd(a,c)=1$, then:

$$\gcd(a,b,c)=1.$$

Proof:

Let $d=\gcd(a,b,c)$. Then $d\mid a$, $d\mid b$, and $d\mid c$. But this is impossible unless $d=1$ since $\gcd(a,b)=1$, $\gcd(b,c)=1$, and $\gcd(a,c)=1$. ■


Given any arithmetic progression of $n$ terms:
$$a,\ a+b,\ a+2\cdot b,\ a+3\cdot b,\ \ldots,\ a+(n-1)\cdot b$$
where $\gcd(a,n)=1$ and $\gcd(b,n)=1$, only one term of the arithmetic progression will be divisible by $n$. Moreover the other terms will all yield different remainders when divided by $n$.

Proof:

Let $q_1,q_2,q_3,\ldots,q_n$ be the quotients and $r_1,r_2,r_3,\ldots,r_n$ be the remainders of the terms of the arithmetic progression when divided by $n$. Also let $j$ and $k$ refer to two different terms of the arithmetic progression so that $j\le n$ and $k\le n$. We then can write:

$$a+(j-1)\cdot b=n\cdot q_j+r_j \tag{2.3-19}$$

$$a+(k-1)\cdot b=n\cdot q_k+r_k \tag{2.3-20}$$

If we assume that $r_j=r_k$ for any given pair of terms, we obtain by subtracting equation (2.3-20) from equation (2.3-19):

$$(j-k)\cdot b=n\cdot(q_j-q_k) \tag{2.3-21}$$

Since $\gcd(b,n)=1$ and $(j-k)<n$, we know that $n$ cannot be a factor of $(j-k)\cdot b$. Therefore equation (2.3-21) is impossible, and so we cannot have $r_j=r_k$. All remainders of the terms of the arithmetic progression when divided by $n$ must then be different. In some order then, these remainders must equal $0,1,2,3,\ldots,n-1$. Since only one of these remainders is zero, only one term of the arithmetic progression will be divisible by $n$.


2.4 EUCLID'S LEMMA

Euclid's lemma concerns the divisibility of factors of an integer product by a prime number. Euclid's lemma is given in Book VII of The Elements (Proposition 30): “If two numbers by multiplying one another make some number, and any prime number measure the product, it will also measure one of the original numbers.” This lemma is also known as Euclid's first theorem.

If $p$ is a prime number and $p\mid a\cdot b$, then $p\mid a$ or $p\mid b$.

Proof:

We are given that $p$ is a prime factor of $a\cdot b$. If $p$ is a factor of $a$, then Euclid's lemma is obviously true.

If we assume that $p$ is not a factor of $a$, then $p$ and $a$ are relatively prime and $\gcd(p,a)=1$. From Bézout's identity (Proposition 2.1-11) we have:

$$p\cdot x+a\cdot y=\gcd(p,a)=1 \tag{2.4-1}$$
Multiplying by $b$:

$$(p)\cdot b\cdot x+(a\cdot b)\cdot y=b \tag{2.4-2}$$

Since $p$ is a factor of the two terms in brackets on the left side of this equation, by Proposition 2.1-1 $p$ is a factor of the left side of this equation. Therefore $p$ is also a factor of $b$, and so $p\mid b$. ■

Note that if $p$ were not a factor of $a$ or $b$, but was a factor of $a\cdot b$, then the product $a\cdot b$ would have a prime decomposition containing a factor not contained in either $a$ or $b$. This would violate the unique factorization theorem.

Also note that if we have $c\mid a\cdot b$ where $c$ is not a prime number, then it is possible that $c\nmid a$ and $c\nmid b$. In fact, if $c\mid a\cdot b$ but $c\nmid a$ and $c\nmid b$, then from Euclid's lemma (Proposition 2.4-1) we know that $c$ must be a composite integer (see Examples 2.4-1 and 2.4-2).


Example 2.4-1

Given $7\mid 19120563$ and $19120563=3927\cdot 4869$, does 7 divide either of the factors?

Solution:

We find that $7\mid 3927$. Note that 7 is a prime number and so Euclid's lemma does apply.
$$3927=7\cdot 561$$

Example 2.4-2

We know that $10\mid(5\cdot 6)$. Does Euclid's lemma apply?

Solution:

We have $10\nmid 5$ and $10\nmid 6$. Euclid's lemma does not apply since 10 is not a prime number. We have $10\mid(5\cdot 6)$ because the prime factorization of $10=2\cdot 5$ is contained within the product $5\cdot 6=5\cdot 2\cdot 3$.

Proposition 2.4-2:

If $p$ is a prime number and $p\mid a^{2}$, then $p\mid a$.

Proof:

Follows from Euclid's lemma (Proposition 2.4-1) by letting $b=a$. ■

Example 2.4-3

Show that if $p$ is a prime number and if $\gcd(a,p)>1$, then $p\mid a$.

Solution:

Since $\gcd(a,p)>1$, a common divisor of $a$ and $p$ exists that is greater than 1. However the only divisors of $p$ are 1 and $p$ (see Proposition 2.3-5). Therefore we must have $p\mid a$.

Proposition 2.4-3

If $p$ is a prime number and $p\mid\prod_{k=1}^{n}a_k$, then $p$ must divide at least one of the factors $a_k$.

Proof:

From Euclid's lemma (Proposition 2.4-1), we know that:

If $p\nmid a_1$, then $p\mid a_2\cdot a_3\cdot a_4\cdots a_n$

If $p\nmid a_1\cdot a_2$, then $p\mid a_3\cdot a_4\cdots a_n$

and so on. This process can continue until, for at least one $k$ in the range $1\le k\le n$, we must have $p\mid a_k$, or we would have $p\nmid\prod_{k=1}^{n}a_k$. ■

If $p$ is a prime number, and $\gcd(p,a)=1$ and $\gcd(p,b)=1$, then $\gcd(p,a\cdot b)=1$.

Proof:

Follows from Proposition 2.3-3. ■


If $p\mid\prod_{k=1}^{n}q_k$, where $p$ and $q_k$ are all prime numbers, then $p=q_k$ for some $k$.

Proof:

If $p\mid q_1\cdot q_2\cdot q_3\cdots q_n$, then for some $q_k$ in this product we must have $p\mid q_k$ (see Proposition 2.4-3). Since each $q_k$ is a prime number, its only divisor greater than 1 is $q_k$ itself (see Proposition 2.1-2). Therefore we have $p=q_k$ for some $k$. ■


If $p$ is a prime number and if $p\mid a^{n}$, then $p^{n}\mid a^{n}$.

Proof:

If $a$ is a prime number and $p\mid a^{n}$, then from Proposition 2.4-5 we have $p=a$ and so $p\mid a$. Therefore $p^{n}\mid a^{n}$.

If $a$ is a composite number and $p\mid a^{n}$, then by Proposition 2.4-3 we know that for some prime number $q_k$ in the prime factorization of $a$ we must have $p=q_k$. Again we have $p\mid a$. Therefore $p^{n}\mid a^{n}$. ■


If $a=\prod_{k}p_k^{\alpha_k}$ is the prime factorization of $a$, then $b\mid a$ if and only if $b=\prod_{k}p_k^{\beta_k}$ where $0\le\beta_k\le\alpha_k$ for all $k$.

Proof:

By making some of the exponents zero if necessary, the same primes can be used in the factorization of both $a$ and $b$. We can then write:


a= [| = Abe a [eo ‘ [|“ (2.4-3) 
kl fal k=l k=l 


Or 


n 


a=] [or b= b+] [pr (2.4-4) 
k=1 


k=1 


Therefore if $0\le\beta_k\le\alpha_k$, then $\prod_{k=1}^{n}p_k^{\alpha_k-\beta_k}$ will be an integer, and so $b$ will be a factor of $a$; we then have $b\mid a$.

Conversely, if $b\mid a$ then we must have $a=c\cdot b$ for some $c$. Since the prime factorization $a=\prod_{k}p_k^{\alpha_k}$ is unique for $a$, the prime factors that appear in $a$ are present in $c\cdot b$. Let the prime factorizations of $b$ and $c$ be $b=\prod_{k}p_k^{\beta_k}$ and $c=\prod_{k}p_k^{\gamma_k}$. We then must have:


k=l k=l k=1 k=l 


We see that $\gamma_k+\beta_k=\alpha_k$ and so $0\le\beta_k\le\alpha_k$ for all $k$. ■


If $p$ is a prime number and $p\mid a$, then $p$ is one of the factors in the prime factorization of $a$.

Proof:

If $a=\prod_{k}q_k^{\alpha_k}$ is the prime factorization of $a$, and if $p\mid a$, then from Proposition 2.4-3 we then have $p=q_k$ for some one value of $k$. ■


There are infinitely many primes of the form $4\cdot k+3$ where $k\in\mathbb{N}$.

Proof:

From Proposition 1.2-1 we know that any odd prime will have either the form $4\cdot k+1$ or $4\cdot k+3$. If we assume there are only a finite number of primes: $3,p_1,p_2,p_3,\ldots,p_n$ having the form $4\cdot k+3$, we can write:

$$N=4\cdot p_1\cdot p_2\cdot p_3\cdots p_n+3 \tag{2.4-6}$$

If $N$ is a prime, it will be a prime having the form $4\cdot k+3$ that is larger than any of the primes $3,p_1,p_2,p_3,\ldots,p_n$, which is then contrary to our assumption of a finite number of primes. There must then exist infinitely many primes of the form $4\cdot k+3$.

If $N$ is not a prime, we know that at least one of the primes in the prime factorization of $N$ must have the form $4\cdot k+3$ or else every factor of $N$ would have the form $4\cdot k+1$. From Proposition 1.2-2 we then know that $N$ would have the form $4\cdot k+1$.

From equation (2.4-6) we see that:
$$p_i\nmid N \qquad (i=1,2,\ldots,n) \tag{2.4-7}$$
since
$$p_i\nmid 3 \qquad (i=1,2,\ldots,n) \tag{2.4-8}$$

None of the primes $p_1,p_2,p_3,\ldots,p_n$ therefore divide $N$ and so another prime must exist that is a factor of $N$ and has the form $4\cdot k+3$. There must then exist infinitely many primes of the form $4\cdot k+3$. ■


$\gcd(a,b_1\cdot b_2\cdot b_3\cdots b_k)=1$ if $\gcd(a,b_i)=1$ for $i=1,2,3,\ldots,k$.

Proof:

Let $\gcd(a,b_1\cdot b_2\cdot b_3\cdots b_k)=d$. Assume that $d>1$. Then $p\mid d$ for some prime $p$. Since $d\mid a$ and $d\mid b_1\cdot b_2\cdot b_3\cdots b_k$, then $p\mid a$ and $p\mid b_1\cdot b_2\cdot b_3\cdots b_k$. From Proposition 2.4-5, we then have $p\mid b_i$ for some $1\le i\le k$, and so $p$ is a common divisor of $a$ and some $b_i$ where $1\le i\le k$. This is contrary, however, to $\gcd(a,b_i)=1$ for $i=1,2,3,\ldots,k$. Therefore, we can conclude that $d=1=\gcd(a,b_1\cdot b_2\cdot b_3\cdots b_k)$. ■


Proposition 2.4-11:

If $\gcd(a,b)=1$ then $\gcd(a,b^{k})=1$ for all $k$.

Proof:

Follows from Proposition 2.3-1 with $\alpha=1$, or from Proposition 2.4-10 with $b_i=b$ where $i=1,2,3,\ldots,k$. ■


If $a\cdot b$ is a square and if $\gcd(a,b)=1$, then $a$ and $b$ are both squares.

Proof:

By $a\cdot b$ being a square is meant that $a\cdot b=n$ where $n$ is a perfect square. In prime factorization form $a\cdot b$ is:


2°, 


gree OUP 


aeb= ee (2.4-9) 


Since a and b must have unique factorizations, we can write: 


A= ppie ph? o-s+e ph (2.4-10) 

b= ple py ere pit (2.4-11) 
where 

B, gt fie Ze Ol; B, ee 0 (2.4-12) 


Since gcd(a,b)=1, however, a and b have no prime factors in 
common. Therefore we must have: 


2a, 


a= po ° ps” Seat: j (2.4-13) 


2°, 


b= pit «pS ee p, (2.4-14) 


and so $a$ and $b$ are squares. ■


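For $j\in\mathbb{N}$, $\gcd(a^{j},b^{j})=[\gcd(a,b)]^{j}$.

Proof:

We begin by using the prime factorization for $a$ and $b$:

$$a=p_1^{\alpha_1}\cdot p_2^{\alpha_2}\cdot p_3^{\alpha_3}\cdots p_n^{\alpha_n}=\prod_{k=1}^{n}p_k^{\alpha_k} \tag{2.4-15}$$
$$b=p_1^{\beta_1}\cdot p_2^{\beta_2}\cdot p_3^{\beta_3}\cdots p_n^{\beta_n}=\prod_{k=1}^{n}p_k^{\beta_k} \tag{2.4-16}$$

where, by making some of the exponents zero if necessary, the same primes are used in the factorization of both $a$ and $b$.

From Proposition 2.1-9, we have:

$$\gcd(a,b)=\prod_{k=1}^{n}p_k^{\min(\alpha_k,\beta_k)} \tag{2.4-17}$$
and so:
$$\gcd(a^{j},b^{j})=\prod_{k=1}^{n}p_k^{\min(j\cdot\alpha_k,\,j\cdot\beta_k)} \tag{2.4-18}$$
But we have:
$$\min(j\cdot\alpha_k,\,j\cdot\beta_k)=j\cdot\min(\alpha_k,\beta_k) \tag{2.4-19}$$

Therefore:

$$\gcd(a^{j},b^{j})=\prod_{k=1}^{n}p_k^{j\cdot\min(\alpha_k,\beta_k)} \tag{2.4-20}$$

or

$$\gcd(a^{j},b^{j})=[\gcd(a,b)]^{j} \tag{2.4-21}$$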


2.5 THE EUCLIDEAN ALGORITHM

A remarkable method for finding the greatest common divisor of two integers without having to factor either of the two integers is an algorithm presented by Euclid in Book VII of The Elements (Proposition 2): “Given two numbers not prime to one another, to find their greatest common measure.” This Euclidean algorithm is certainly one of the oldest nontrivial algorithms known. It is based upon repeated application of Propositions 2.1-15 and 2.1-16 in the form:

$$\gcd(a,b)=\gcd(b,a-b) \tag{2.5-1}$$

which states that the greatest common divisor of $a$ and $b$ is also the greatest common divisor of $b$ and $a-b$. Using Proposition 2.1-16, Euclid found $\gcd(a,b)$ by repeatedly subtracting the smaller number of $a$ and $b$ from the larger.

To find $\gcd(a,b)$, the Euclidean algorithm proceeds as follows:

1. Let:
$$a_1=a \qquad b_1=b \tag{2.5-2}$$
2. Define
$$a_{i+1}=\max(b_i,a_i-b_i) \tag{2.5-3}$$
$$b_{i+1}=\min(b_i,a_i-b_i) \tag{2.5-4}$$
3. Compute $a_{i+1}$, $b_{i+1}$ for $i=1,2,\ldots,k$ until:
$$a_k=b_k \tag{2.5-5}$$
4. We can then conclude that:
$$\gcd(a,b)=a_k=b_k \tag{2.5-6}$$

Either $a_{i+1}$ or $b_{i+1}$ will always be smaller than in the previous iteration. The iterations must cease after a finite number of steps since $a_{i+1}$ and $b_{i+1}$ must remain nonnegative integers and there are only a finite number of integers less than $a_{i+1}$ and $b_{i+1}$ and not less than zero.

This algorithm works because of Proposition 2.1-16 which gives:

$$\gcd(a,b)=\gcd(a_1,b_1)=\cdots=\gcd(a_k,b_k) \tag{2.5-7}$$


Example 2.5-1

Find $\gcd(799,187)$ using Euclid's method:

Solution:

$a_1=799 \qquad b_1=187$

$\gcd(a_1,b_1)=\gcd(799,187)$
$a_1-b_1=799-187=612$

$\gcd(799,187)=\gcd(a_2,b_2)=\gcd(612,187)$
$a_2-b_2=612-187=425$

$\gcd(799,187)=\gcd(a_3,b_3)=\gcd(425,187)$
$a_3-b_3=425-187=238$

$\gcd(799,187)=\gcd(a_4,b_4)=\gcd(238,187)$
$a_4-b_4=238-187=51$

$\gcd(799,187)=\gcd(a_5,b_5)=\gcd(187,51)$
$a_5-b_5=187-51=136$

$\gcd(799,187)=\gcd(a_6,b_6)=\gcd(136,51)$
$a_6-b_6=136-51=85$

$\gcd(799,187)=\gcd(a_7,b_7)=\gcd(85,51)$
$a_7-b_7=85-51=34$


Rather than making the repeated subtractions required by successive application of equation (2.5-1), the division algorithm $a=q\cdot m+r$ can be used together with Proposition 2.1-15. We can then obtain $\gcd(a,m)$ where $a\ge m>0$ from the Euclidean algorithm.


If $a,m\in\mathbb{N}$, then $\gcd(a,m)$ can be computed by a finite number of applications of the division algorithm, thereby obtaining a set of remainders. The last nonzero remainder is $\gcd(a,m)$.

Proof:

If $a\ge m>0$, then:
$$a=q\cdot m+r \qquad 0\le r<m \tag{2.5-8}$$
$$\gcd(a,m)=\gcd(m,r) \tag{2.5-9}$$
$$m=q_1\cdot r+r_1 \qquad 0\le r_1<r \tag{2.5-10}$$
$$\gcd(m,r)=\gcd(r,r_1) \tag{2.5-11}$$
$$r=q_2\cdot r_1+r_2 \qquad 0\le r_2<r_1 \tag{2.5-12}$$
$$\gcd(r,r_1)=\gcd(r_1,r_2) \tag{2.5-13}$$
$$r_k=q_{k+2}\cdot r_{k+1}+r_{k+2} \qquad 0\le r_{k+2}<r_{k+1} \tag{2.5-14}$$
$$\gcd(r_k,r_{k+1})=\gcd(r_{k+1},r_{k+2}) \tag{2.5-15}$$

then for some $k=s$:
$$r_{s-1}=q_{s+1}\cdot r_s+r_{s+1} \qquad r_{s+1}=0 \tag{2.5-16}$$
$$\gcd(r_{s-1},r_s)=\gcd(r_s,0)=r_s \tag{2.5-17}$$

and so:
$$\gcd(a,m)=\gcd(m,r)=\gcd(r,r_1)=\gcd(r_1,r_2)=\cdots=\gcd(r_{s-1},r_s)=\gcd(r_s,0)=r_s \tag{2.5-18}$$

We know from the division algorithm (Proposition 2.1-4) that integers $q$ and $r$ exist such that:

$$a=q\cdot m+r \qquad 0\le r<m \tag{2.5-19}$$

If $r>0$, then again integers $q_1$ and $r_1$ must exist such that:

$$m=q_1\cdot r+r_1 \qquad 0\le r_1<r \tag{2.5-20}$$

These divisions can continue as shown in equations (2.5-8), (2.5-10), (2.5-12), (2.5-14), and (2.5-16). With each successive division, the parameters in the division algorithm decrease. The gcd as given by equations (2.5-9), (2.5-11), (2.5-13), (2.5-15), and (2.5-17) does not change (see Proposition 2.1-15). Equation (2.5-18) follows from these equations.

As indicated by the above equations, the decreasing sequence of nonnegative integers:

$$m>r>r_1>r_2>\cdots>r_s>0 \tag{2.5-21}$$

ends with 0. This is a consequence of the well-ordering principle, since each remainder $r$ will be nonnegative and smaller than the previous remainder, and since $r$ is bounded below by 0. Any such decreasing sequence of nonnegative integers must eventually end with zero.

The repeated divisions can then continue until a remainder of 0 is encountered. Letting the final remainder be $r_{s+1}=0$, we have:

$$r_{s-1}=q_{s+1}\cdot r_s \tag{2.5-22}$$

and so $r_s$ divides $r_{s-1}$.

If after the first step, $a=q\cdot m+r$, we have $r=0$, then $\gcd(a,m)=m$. If $r\ne 0$ then Proposition 2.1-15 can be applied multiple times to the point where the remainder is 0 and so the last remainder $r_s$ not equal to 0 is the $\gcd(a,m)$:

$$\gcd(a,m)=r_s \tag{2.5-23}$$


The proof given above for the Euclidean algorithm depends upon the process terminating with a remainder of zero. We can show that this will always occur. We will consider the remainders of the divisions formed by the Euclidean algorithm to constitute a set $S$. From the well-ordering principle, we know this set is bounded below by some minimum remainder $r_m$. We will now show that $r_m=0$.

Since $r_m\ge 0$ is the minimum remainder in the set of decreasing Euclidean remainders for a given input $a,m\in\mathbb{N}$, the algorithm will, after a finite number of steps, obtain the remainder $r_m$. If $r_m\ne 0$, the algorithm will proceed and a new remainder $r'_m$ will be found such that $r'_m<r_m$. But this is impossible since $r_m$ is the minimum remainder. Therefore we must have $r_m=0$.


Solution:

$a=q\cdot m+r$

$799=4\cdot 187+51 \;\Rightarrow\; \gcd(799,187)=\gcd(187,51)$
$187=3\cdot 51+34 \;\Rightarrow\; \gcd(187,51)=\gcd(51,34)$
$51=1\cdot 34+17 \;\Rightarrow\; \gcd(51,34)=\gcd(34,17)$
$34=2\cdot 17+0 \;\Rightarrow\; \gcd(34,17)=\gcd(17,0)$

$\gcd(17,0)=17$

We have then:
$$\gcd(799,187)=\gcd(187,51)=\gcd(51,34)=\gcd(34,17)=\gcd(17,0)=17$$

Therefore $\gcd(799,187)=17$ (see Example 2.5-1).


Example 2.5-3

Find $\gcd(75,16)$.

Solution:

$a=q\cdot m+r$

$75=4\cdot 16+11 \;\Rightarrow\; \gcd(75,16)=\gcd(16,11)$
$16=1\cdot 11+5 \;\Rightarrow\; \gcd(16,11)=\gcd(11,5)$
$11=2\cdot 5+1 \;\Rightarrow\; \gcd(11,5)=\gcd(5,1)$
$5=5\cdot 1+0 \;\Rightarrow\; \gcd(5,1)=\gcd(1,0)$

$\gcd(1,0)=1$

Therefore $\gcd(75,16)=1$ and so 75 and 16 are relatively prime.


The Euclidean algorithm can be used to determine Bézout's coefficients a and b:
$$a\cdot x+b\cdot y=\gcd(a,b) \tag{2.5-24}$$

The Euclidean algorithm gives us $\gcd(a,b)$. Starting with the last step of the algorithm, we can follow the steps in the reverse direction to obtain Bézout's coefficients by replacing the remainders with prior equations (see Example 2.5-4).


Example 2.5-4

Express $\gcd(799,187)$ as a linear combination of 799 and 187 so that:

$$799\cdot x+187\cdot y=\gcd(799,187)$$

Solution:

From Example 2.5-2 we have $\gcd(799,187)=17$. We will use the equations of Example 2.5-2 starting with the last step and working backwards. The original equations are:

$a=q\cdot m+r$

$799=4\cdot 187+51 \;\Rightarrow\; \gcd(799,187)=\gcd(187,51)$
$187=3\cdot 51+34 \;\Rightarrow\; \gcd(187,51)=\gcd(51,34)$
$51=1\cdot 34+17 \;\Rightarrow\; \gcd(51,34)=\gcd(34,17)$
$34=2\cdot 17+0 \;\Rightarrow\; \gcd(34,17)=\gcd(17,0)$

$\gcd(17,0)=17$

Using $r=a-q\cdot m$, we will substitute for $r$ using the remainder of the previous equation.

$\gcd(799,187)=17$
$\gcd(799,187)=51-1\cdot 34$ (substituting for 17)
$\gcd(799,187)=51-1\cdot(187-3\cdot 51)$ (substituting for 34)

or

$\gcd(799,187)=4\cdot 51-1\cdot 187$
$\gcd(799,187)=4\cdot(799-4\cdot 187)-187$ (substituting for 51)

and so:

$$\gcd(799,187)=799\cdot 4+187\cdot(-17)=17=799\cdot x+187\cdot y$$

Therefore $x=4$ and $y=-17$ is an integer solution of the linear equation $799\cdot x+187\cdot y=\gcd(799,187)$.
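The procedures of Examples 2.5-1, 2.5-2 and 2.5-4 can be carried out mechanically. The following Python sketch is an added example, not taken from the book: it records the division rows $a=q\cdot m+r$, back-substitutes them to obtain $x$ and $y$, and counts the subtractions Euclid's original form needs. The function names are chosen here for illustration.

```python
def division_steps(a, m):
    """Rows (a, q, m, r) of a = q*m + r, repeated on (m, r) until r == 0."""
    if a <= 0 or m <= 0:
        raise ValueError("a and m must be positive integers")
    steps = []
    while m:
        q, r = divmod(a, m)
        steps.append((a, q, m, r))
        a, m = m, r
    return steps


def bezout(a, m):
    """Return (g, x, y) with a*x + m*y == g == gcd(a, m).

    Works backwards through the division rows, replacing each remainder
    by r = a - q*m from the row above it, as in Example 2.5-4.
    """
    steps = division_steps(a, m)
    g = steps[-1][2]   # last nonzero remainder = divisor of the final row
    x, y = 0, 1        # final row (a_s, q_s, m_s, 0): g = 0*a_s + 1*m_s
    for _, q, _, _ in reversed(steps[:-1]):
        # Here g = x*m' + y*r' for the row (a', q, m', r') above.
        # Substituting r' = a' - q*m' gives g = y*a' + (x - q*y)*m'.
        x, y = y, x - q * y
    return g, x, y


def subtractive_gcd(a, b):
    """Euclid's subtractive form, equations (2.5-2) to (2.5-6).

    Returns (gcd, number_of_subtractions).
    """
    if a <= 0 or b <= 0:
        raise ValueError("a and b must be positive integers")
    a, b = max(a, b), min(a, b)
    count = 0
    while a != b:
        a, b = max(b, a - b), min(b, a - b)
        count += 1
    return a, count


if __name__ == "__main__":
    for a, m in ((799, 187), (75, 16)):
        rows = division_steps(a, m)
        for big, q, small, r in rows:
            print(f"{big} = {q}*{small} + {r}")
        g, x, y = bezout(a, m)
        _, subs = subtractive_gcd(a, m)
        print(f"gcd({a}, {m}) = {g} = {a}*({x}) + {m}*({y}); "
              f"{len(rows)} divisions versus {subs} subtractions\n")
```

For 799 and 187 the division form needs 4 rows where the subtractive form needs 9 subtractions, which is the saving described before Proposition 2.5-1.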


2.6 MULTIPLICATIVE FUNCTIONS

A function $f$ is defined as a completely multiplicative function if it is not identically zero, and if:
$$f(m\cdot n)=f(m)\cdot f(n) \tag{2.6-1}$$

for every pair of $m,n\in\mathbb{Z}$ for which $\gcd(m,n)=1$.

A function $f$ is defined as a multiplicative function if it is not identically zero, and if:
$$f(m\cdot n)=f(m)\cdot f(n) \tag{2.6-2}$$

for every pair of $m,n\in\mathbb{N}$ for which $\gcd(m,n)=1$.

If $p$ and $q$ are distinct prime numbers and if:
$$f(p\cdot q)=f(p)\cdot f(q) \tag{2.6-3}$$

then the function $f(p\cdot q)$ is multiplicative since all prime numbers are positive and relatively prime to each other.

If $f(n)=1$ when $n\in\mathbb{N}$, then $f(n)=1$ is multiplicative.

Proof:

If $f(n)=1$ when $n\in\mathbb{N}$, then we have:
$$f(m\cdot n)=1=f(n)\cdot f(m) \tag{2.6-4}$$

and so the function $f(n)=1$ is multiplicative. ■

If $f(n)=n$ when $n\in\mathbb{N}$, then $f(n)=n$ is multiplicative.

Proof:

If $f(n)=n$ when $n\in\mathbb{N}$, then we have:
$$f(m\cdot n)=m\cdot n=f(n)\cdot f(m) \tag{2.6-5}$$

and so the function $f(n)=n$ is multiplicative. ■


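If $f$ is a multiplicative function and $a$ is a positive integer having the prime factorization:

$$a=p_1^{\alpha_1}\cdot p_2^{\alpha_2}\cdot p_3^{\alpha_3}\cdots p_n^{\alpha_n}=\prod_{k=1}^{n}p_k^{\alpha_k}$$

then

Proof:

We will prove this proposition by mathematical induction. For $n=1$ we have:

$$a=p_1^{\alpha_1} \tag{2.6-6}$$

$$f(a)=f(p_1^{\alpha_1}) \tag{2.6-7}$$
and so the proposition is obviously true.

We will assume the proposition is true for $n=k$:

$$a=p_1^{\alpha_1}\cdot p_2^{\alpha_2}\cdot p_3^{\alpha_3}\cdots p_k^{\alpha_k} \tag{2.6-8}$$

$$f(p_1^{\alpha_1}\cdot p_2^{\alpha_2}\cdot p_3^{\alpha_3}\cdots p_k^{\alpha_k})=f(p_1^{\alpha_1})\cdot f(p_2^{\alpha_2})\cdot f(p_3^{\alpha_3})\cdots f(p_k^{\alpha_k}) \tag{2.6-9}$$

Then for $n=k+1$:
$$a=p_1^{\alpha_1}\cdot p_2^{\alpha_2}\cdot p_3^{\alpha_3}\cdots p_k^{\alpha_k}\cdot p_{k+1}^{\alpha_{k+1}} \tag{2.6-10}$$

Since $f$ is multiplicative and since the prime factors of $a$ are relatively prime to each other (see Proposition 2.4-10), we have:
$$\gcd([p_1^{\alpha_1}\cdot p_2^{\alpha_2}\cdot p_3^{\alpha_3}\cdots p_k^{\alpha_k}],\,p_{k+1}^{\alpha_{k+1}})=1 \tag{2.6-11}$$
and so:

$$f(p_1^{\alpha_1}\cdot p_2^{\alpha_2}\cdot p_3^{\alpha_3}\cdots p_k^{\alpha_k}\cdot p_{k+1}^{\alpha_{k+1}})=f(p_1^{\alpha_1}\cdot p_2^{\alpha_2}\cdot p_3^{\alpha_3}\cdots p_k^{\alpha_k})\cdot f(p_{k+1}^{\alpha_{k+1}}) \tag{2.6-12}$$
or using equation (2.6-9):
$$f(p_1^{\alpha_1}\cdot p_2^{\alpha_2}\cdot p_3^{\alpha_3}\cdots p_k^{\alpha_k}\cdot p_{k+1}^{\alpha_{k+1}})=f(p_1^{\alpha_1})\cdot f(p_2^{\alpha_2})\cdot f(p_3^{\alpha_3})\cdots f(p_k^{\alpha_k})\cdot f(p_{k+1}^{\alpha_{k+1}}) \tag{2.6-13}$$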


Therefore: 


n 


k=1 


We see that if a function is multiplicative for some integers, then this function determined for the product of these integers equals the product of the functions calculated for the individual integers.


If $f$ and $g$ are multiplicative functions, then so are $F=f\cdot g$ and $F=f/g$ where $g\ne 0$ when $g$ is a divisor.

Proof:

We are given:

$$f(m\cdot n)=f(m)\cdot f(n) \tag{2.6-15}$$

$$g(m\cdot n)=g(m)\cdot g(n) \tag{2.6-16}$$
where $\gcd(m,n)=1$. We then have:

$$F(m\cdot n)=f(m\cdot n)\cdot g(m\cdot n) \tag{2.6-17}$$
and so:

$$F(m\cdot n)=[f(m)\cdot f(n)]\cdot[g(m)\cdot g(n)] \tag{2.6-18}$$

or

$$F(m\cdot n)=[f(m)\cdot g(m)]\cdot[f(n)\cdot g(n)] \tag{2.6-19}$$
Therefore:
$$F(m\cdot n)=F(m)\cdot F(n) \tag{2.6-20}$$
Similarly:
$$F(m\cdot n)=f(m\cdot n)/g(m\cdot n) \tag{2.6-21}$$
and so:
$$F(m\cdot n)=[f(m)\cdot f(n)]/[g(m)\cdot g(n)] \tag{2.6-22}$$
or
$$F(m\cdot n)=[f(m)/g(m)]\cdot[f(n)/g(n)] \tag{2.6-23}$$
Therefore:
$$F(m\cdot n)=F(m)\cdot F(n) \tag{2.6-24}$$
■


2.7 DIVISORS OF AN INTEGER

In number theory the number of divisors of an integer $n$ is generally taken to mean the number of positive divisors of the integer denoted by $\tau(n)$. The sum of these positive divisors is denoted by $\sigma(n)$. We then have the two number theoretic functions $\tau(n)$ and $\sigma(n)$:

$$\tau(n)=\sum_{d\mid n}1 \tag{2.7-1}$$

$$\sigma(n)=\sum_{d\mid n}d \tag{2.7-2}$$

Since the notation $d\mid n$ means that $d$ is a divisor of $n$, the summation notation $\sum_{d\mid n}$ in equations (2.7-1) and (2.7-2) means that the sums are only computed for values of $d$ such that $d$ is a divisor of $n$.

The divisors of a prime $p$ are only 1 and $p$. Therefore we have:

$$\tau(p)=2 \tag{2.7-3}$$

$$\sigma(p)=p+1 \tag{2.7-4}$$

The divisors of $p^{\alpha}$ are $1,p,p^{2},p^{3},\ldots,p^{\alpha}$ and so:

$$\tau(p^{\alpha})=\alpha+1 \tag{2.7-5}$$
$$\sigma(p^{\alpha})=1+p+p^{2}+p^{3}+\cdots+p^{\alpha} \tag{2.7-6}$$
Equation (2.7-6) is a finite geometric progression and so we can write:
$$\sigma(p^{\alpha})=1+p+p^{2}+p^{3}+\cdots+p^{\alpha}=\frac{p^{\alpha+1}-1}{p-1} \tag{2.7-7}$$
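Example 2.7-1
Show that:

$\sigma(p^{\alpha}) = 1 + p + p^2 + p^3 + \cdots + p^{\alpha}$

Solution:

From equation (2.7-6) we have:

$\sigma(p^{\alpha}) = 1 + p + p^2 + p^3 + \cdots + p^{\alpha}$

Multiplying by $p$ we get:

$p \cdot \sigma(p^{\alpha}) = p + p^2 + p^3 + \cdots + p^{\alpha} + p^{\alpha+1}$

Subtracting $\sigma(p^{\alpha})$ we obtain:

$p \cdot \sigma(p^{\alpha}) - \sigma(p^{\alpha}) = p^{\alpha+1} - 1$

or

$\sigma(p^{\alpha}) = \frac{p^{\alpha+1} - 1}{p - 1}$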


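If $N = p_1^{\alpha_1} \cdot p_2^{\alpha_2} \cdot p_3^{\alpha_3} \cdots p_n^{\alpha_n} = \prod_{k=1}^{n} p_k^{\alpha_k}$

then

$\sigma(N) = \prod_{k=1}^{n} \left(1 + p_k + p_k^2 + p_k^3 + \cdots + p_k^{\alpha_k}\right) = \prod_{k=1}^{n} \frac{p_k^{\alpha_k+1} - 1}{p_k - 1}$

Proof:

If the prime factorization of an integer $N$ is:

$N = p_1^{\alpha_1} \cdot p_2^{\alpha_2} \cdot p_3^{\alpha_3} \cdots p_n^{\alpha_n} = \prod_{k=1}^{n} p_k^{\alpha_k}$ (2.7-8)

then we have:

$\sigma(N) = (1 + p_1 + p_1^2 + p_1^3 + \cdots + p_1^{\alpha_1}) \cdot (1 + p_2 + p_2^2 + p_2^3 + \cdots + p_2^{\alpha_2}) \cdots (1 + p_n + p_n^2 + p_n^3 + \cdots + p_n^{\alpha_n})$ (2.7-9)

and so:

$\sigma(N) = \prod_{k=1}^{n} \left(1 + p_k + p_k^2 + p_k^3 + \cdots + p_k^{\alpha_k}\right) = \prod_{k=1}^{n} \frac{p_k^{\alpha_k+1} - 1}{p_k - 1}$ (2.7-10)

Each term in this product occurs only once and so the number of divisors is:

$\tau(N) = (\alpha_1 + 1)(\alpha_2 + 1) \cdots (\alpha_n + 1) = \prod_{k=1}^{n} (\alpha_k + 1)$ (2.7-11)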


Example 2.7-2
Determine $\tau(24)$ and $\sigma(24)$.

Solution:
The divisors of 24 are: 1, 2, 3, 4, 6, 8, 12, 24. Therefore we have:

$\tau(24) = 8$

and

$\sigma(24) = 1 + 2 + 3 + 4 + 6 + 8 + 12 + 24 = 60$

The prime factorization of 24 is:

$24 = 2^3 \cdot 3$

We can also use equations (2.7-11) and (2.7-10) to obtain:

$\tau(24) = (3 + 1) \cdot (1 + 1) = 8$

$\sigma(24) = \frac{2^{3+1} - 1}{2 - 1} \cdot \frac{3^{1+1} - 1}{3 - 1} = 15 \cdot 4 = 60$
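The closed forms (2.7-10) and (2.7-11) can be checked against the definition by machine. The following Python sketch is an added example, not part of the original text; the function names are its own, and it also tests the product rule on coprime pairs, which is the multiplicativity of these two functions proved later in this section.

```python
from math import gcd, isqrt, prod


def factorize(n):
    """Prime factorization of n >= 1 as {prime: exponent}, by trial division."""
    if n < 1:
        raise ValueError("n must be a positive integer")
    factors = {}
    p = 2
    while p * p <= n:
        while n % p == 0:
            factors[p] = factors.get(p, 0) + 1
            n //= p
        p += 1 if p == 2 else 2  # after 2, only odd candidates
    if n > 1:  # whatever is left is a single prime factor
        factors[n] = factors.get(n, 0) + 1
    return factors


def tau(n):
    """Number of positive divisors: product of (alpha_k + 1), equation (2.7-11)."""
    return prod(alpha + 1 for alpha in factorize(n).values())


def sigma(n):
    """Sum of positive divisors: product of (p^(alpha+1) - 1)/(p - 1), equation (2.7-10)."""
    return prod((p ** (alpha + 1) - 1) // (p - 1) for p, alpha in factorize(n).items())


def divisors(n):
    """Positive divisors of n found directly from the definition d | n."""
    small = [d for d in range(1, isqrt(n) + 1) if n % d == 0]
    return sorted(set(small + [n // d for d in small]))


def formulas_match_definition(limit):
    """True if tau and sigma agree with a direct divisor count and sum for 1..limit."""
    return all(
        tau(n) == len(divisors(n)) and sigma(n) == sum(divisors(n))
        for n in range(1, limit + 1)
    )


def multiplicative_on_coprimes(f, limit):
    """True if f(m*n) == f(m)*f(n) for every coprime pair m, n in 1..limit."""
    return all(
        f(m * n) == f(m) * f(n)
        for m in range(1, limit + 1)
        for n in range(1, limit + 1)
        if gcd(m, n) == 1
    )


if __name__ == "__main__":
    print(divisors(24), tau(24), sigma(24))
    print(formulas_match_definition(1000))
    print(multiplicative_on_coprimes(tau, 50), multiplicative_on_coprimes(sigma, 50))
    # gcd(2, 2) != 1, so the product rule is not required to hold there:
    print(tau(4), tau(2) * tau(2))
```

The last line shows why the coprimality condition matters: the product rule fails for the pair (2, 2).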


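If $f$ and $g$ are multiplicative functions and $d$ is a nonzero integer, then $\sum_{d|n} f(d) \cdot g(n/d)$ is multiplicative.

Proof:

We are given:

$f(m \cdot n) = f(m) \cdot f(n)$ (2.7-12)

$g(m \cdot n) = g(m) \cdot g(n)$ (2.7-13)

where $\gcd(m, n) = 1$. If $d_1 | m$ and $d_2 | n$ then we must also have $\gcd(d_1, d_2) = 1$ and $\gcd(m/d_1, n/d_2) = 1$. Let:

$d = d_1 \cdot d_2$ (2.7-14)

and

$F(m \cdot n) = \sum_{d | m \cdot n} f(d) \cdot g(m \cdot n / d)$ (2.7-15)

We then have

$F(m \cdot n) = \sum_{d | m \cdot n} f(d_1 \cdot d_2) \cdot g\left(\frac{m \cdot n}{d_1 \cdot d_2}\right)$ (2.7-16)

or

$F(m \cdot n) = \sum_{d_1 | m} \sum_{d_2 | n} f(d_1) \cdot g\left(\frac{m}{d_1}\right) \cdot f(d_2) \cdot g\left(\frac{n}{d_2}\right)$ (2.7-17)

Therefore:

$F(m \cdot n) = F(m) \cdot F(n)$ (2.7-18)

and so if $f$ and $g$ are multiplicative functions, then so is $\sum_{d|n} f(d) \cdot g(n/d)$.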


The number theoretic functions $\tau(n)$ and $\sigma(n)$ are multiplicative functions.

Proof:

From Proposition 2.7-2 we know that if the functions $f$ and $g$ are multiplicative, then so is:

$\sum_{d|n} f(d) \cdot g(n/d)$ (2.7-19)

We will let $g$ be the function $g(n) = 1$ which we know from Proposition 2.6-1 is multiplicative. We then see that:

$\sum_{d|n} f(d)$ (2.7-20)

is multiplicative.

Letting $f(d)$ be the multiplicative function $f(d) = 1$, we have using equation (2.7-1):

$\sum_{d|n} f(d) = \sum_{d|n} 1 = \tau(n)$ (2.7-21)

Letting $f(d)$ be the function $f(d) = d$, which we know is multiplicative from Proposition 2.6-2, we have using equation (2.7-2):

$\sum_{d|n} f(d) = \sum_{d|n} d = \sigma(n)$ (2.7-22)

Therefore the number theoretic functions $\tau(n)$ and $\sigma(n)$ are multiplicative functions. ∎

Note that the fact that the number theoretic functions $\tau(n)$ and $\sigma(n)$ are multiplicative functions can be used to prove Proposition 2.7-1.


2.8 LEAST COMMON MULTIPLE

A multiple of an integer is the product of the integer and some other integer. A common multiple of two integers $a$ and $b$ is some integer that is a multiple of both $a$ and $b$, and so is divisible by both $a$ and $b$. A common multiple of the integers in a set is then divisible by each integer in the set. Any set of two or more integers will have an infinity of common multiples.

From the well-ordering principle, we know that for any set of two or more integers there must exist a least common multiple (designated by lcm). The lcm of a set of integers is the smallest positive integer that is some multiple of each of the integers in the set. The lcm of a set of integers is then the smallest positive integer that is divisible by all integers in the set. If $a$ and $b$ are two integers, the least common positive multiple of $a$ and $b$ is designated $\mathrm{lcm}(a, b)$.


If $a$ and $b$ are positive integers, then the $\mathrm{lcm}(a, b)$ exists and is unique.

Proof:

For the two integers $a$ and $b$, the product $a \cdot b$ is a common positive multiple of $a$ and $b$, and so the set of common positive multiples of $a$ and $b$ is never empty. Moreover, this set is bounded below by $\min(a, b)$. Therefore a least common positive multiple $\mathrm{lcm}(a, b)$ must exist.

Given two integers $a$ and $b$, the conditions that are necessary and sufficient for $d = \mathrm{lcm}(a, b)$ are:

1. $a$ and $b$ are both factors of $d$:
$a | d \qquad b | d$ (2.8-1)
2. For any $c \in \mathbb{N}$ that has both $a$ and $b$ as factors:
$a | c \qquad b | c$ (2.8-2)
we must have $c \geq d$ so that:
$d | c$ (2.8-3)
3. We must have $d > 0$.

To show that the $d = \mathrm{lcm}(a, b)$ is unique, we assume the opposite; namely, that two $\mathrm{lcm}(a, b)$ exist: $d_1 = \mathrm{lcm}(a, b)$ and $d_2 = \mathrm{lcm}(a, b)$. Since $d_1 = \mathrm{lcm}(a, b)$ and $d_2$ is a common positive multiple of both $a$ and $b$, we have $d_1 | d_2$. Similarly, we can show $d_2 | d_1$. But this is possible only if $d_1 = d_2$ since $\mathrm{lcm}(a, b) > 0$. Therefore the $\mathrm{lcm}(a, b)$ is unique. ∎

The following relation holds for the least common multiple:

$\mathrm{lcm}(a, b) = \mathrm{lcm}(-a, b) = \mathrm{lcm}(a, -b) = \mathrm{lcm}(-a, -b)$ (2.8-4)

The least common multiple is encountered when dealing with fractions, where it is known as the lowest common denominator.


Example 2.8-1
Find $\mathrm{lcm}(6, 8)$.

Solution:

Multiples of 6 are:

6, 12, 18, 24, 30, 36, 42, 48, ...

Multiples of 8 are:

8, 16, 24, 32, 40, 48, 56, 64, ...

In the sequences of multiples of 6 and 8, the first common multiple of both numbers is 24. So we have $\mathrm{lcm}(6, 8) = 24$. Note that $\mathrm{lcm}(6, 8) < 6 \cdot 8 = 48$.


Example 2.8-2

Show that for any odd integer $a$, the least common multiple of $a^3 - a$ is 24.

Solution:

From Example 1.5-1 we know that $a^3 - a$ is a multiple of 6. We can write:

$a^3 - a = a \cdot (a^2 - 1)$

Since $a$ is an odd integer, we must have $a = 2 \cdot k + 1$ where $k$ is some integer.

If $k$ is an even integer, we have $k = 2 \cdot j$ where $j$ is some integer. We then have $a = 4 \cdot j + 1$ and so:

$a^3 - a = (4 \cdot j + 1) \cdot ([4 \cdot j + 1]^2 - 1) = (4 \cdot j + 1) \cdot (16 \cdot j^2 + 8 \cdot j)$

or

$a^3 - a = 64 \cdot j^3 + 48 \cdot j^2 + 8 \cdot j$

Therefore:

$a^3 - a = 8 \cdot (8 \cdot j^3 + 6 \cdot j^2 + j)$


Any number which is a multiple of $a$ and $b$ must be divisible by the maximum power of each prime factor of $a$ and $b$. The prime factorization of $a$ and $b$ can be written as:

$a = p_1^{\alpha_1} \cdot p_2^{\alpha_2} \cdot p_3^{\alpha_3} \cdots p_n^{\alpha_n} = \prod_{k=1}^{n} p_k^{\alpha_k}$ (2.8-5)

$b = p_1^{\beta_1} \cdot p_2^{\beta_2} \cdot p_3^{\beta_3} \cdots p_n^{\beta_n} = \prod_{k=1}^{n} p_k^{\beta_k}$ (2.8-6)

where, by making some of the exponents zero if necessary, the same primes are used in the factorization of both $a$ and $b$. We can then determine the lcm for $a$ and $b$ from:

$\mathrm{lcm}(a, b) = \prod_{k=1}^{n} p_k^{\max(\alpha_k, \beta_k)}$ (2.8-7)

where $\max(\alpha_k, \beta_k)$ is the larger value of the two exponents $\alpha_k$ and $\beta_k$ for the given $p_k$. If $a$ and $b$ are relatively prime, then we have: $\mathrm{lcm}(a, b) = a \cdot b$.


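If $a, b \in \mathbb{Z}$ have the prime factorizations:

$a = \prod_{k=1}^{n} p_k^{\alpha_k} \qquad b = \prod_{k=1}^{n} p_k^{\beta_k}$

then the $\mathrm{lcm}(a, b)$ has the prime factorization

$\mathrm{lcm}(a, b) = \prod_{k=1}^{n} p_k^{\max(\alpha_k, \beta_k)}$

where $\max(\alpha_k, \beta_k)$ is the maximum value of $\alpha_k$ and $\beta_k$ for the given $p_k$.

Proof:

$d = \prod_{k} p_k^{\gamma_k}$ (2.8-8)

If $\gamma_k \geq \alpha_k$ and $\gamma_k \geq \beta_k$, then $d$ is a common multiple of $a$ and $b$. If $\gamma_k = \max(\alpha_k, \beta_k)$, then $d$ must be the $\mathrm{lcm}(a, b)$ since all other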


common multiples of $a$ and $b$ are greater. ∎

If $a_1, a_2, \ldots, a_k \in \mathbb{N}$ where $k \geq 3$, then:

$\mathrm{lcm}(a_1, a_2, \ldots, a_k) = \mathrm{lcm}((a_1, a_2, \ldots, a_{k-1}), a_k)$

Proof:

Let $c = \mathrm{lcm}(a_1, a_2, \ldots, a_{k-1})$ and $d = \mathrm{lcm}(c, a_k)$. Then $a_1 | c$, $a_2 | c$, ..., $a_{k-1} | c$, and $c | d$, $a_k | d$. Therefore from division property 3 in Section 2.1:

if $b | e$ and $e | f$, then $b | f$

we have: $a_1 | d$, $a_2 | d$, ..., $a_k | d$, and so $d$ is a common multiple of $a_1, a_2, \ldots, a_k$. But since $d = \mathrm{lcm}(c, a_k)$, we must then have:

$\mathrm{lcm}(a_1, a_2, \ldots, a_k) = \mathrm{lcm}((a_1, a_2, \ldots, a_{k-1}), a_k)$ (2.8-9)
∎

Example 2.8-3
Find the lcm for the following:
1. $\mathrm{lcm}(12, 15)$.
2. $\mathrm{lcm}(1350, 1617)$.
3. $\frac{3}{4} + \frac{2}{5}$

Solution:
1. $12 = 2^2 \cdot 3^1 \cdot 5^0$, $15 = 2^0 \cdot 3^1 \cdot 5^1$

$\mathrm{lcm}(12, 15) = 2^{\max(2, 0)} \cdot 3^{\max(1, 1)} \cdot 5^{\max(0, 1)} = 2^2 \cdot 3^1 \cdot 5^1 = 60$

2. $1350 = 2^1 \cdot 3^3 \cdot 5^2 \cdot 7^0 \cdot 11^0$, $1617 = 2^0 \cdot 3^1 \cdot 5^0 \cdot 7^2 \cdot 11^1$

$\mathrm{lcm}(1350, 1617) = 2^{\max(1, 0)} \cdot 3^{\max(3, 1)} \cdot 5^{\max(2, 0)} \cdot 7^{\max(0, 2)} \cdot 11^{\max(0, 1)} = 2^1 \cdot 3^3 \cdot 5^2 \cdot 7^2 \cdot 11^1 = 727650$

3. $\frac{3}{4} + \frac{2}{5} = \frac{15}{20} + \frac{8}{20} = \frac{23}{20}$, $\mathrm{lcm}(4, 5) = 20$

Example 2.8-4

Verify Proposition 2.8-3 for:

$\mathrm{lcm}(12, 15, 22, 32) = \mathrm{lcm}((12, 15, 22), 32)$

Solution:

We have: $12 = 2^2 \cdot 3^1$, $15 = 3^1 \cdot 5^1$, $22 = 2^1 \cdot 11^1$, $32 = 2^5$. From the maximum value of the exponents in the factorizations, we have:

$\mathrm{lcm}(12, 15, 22, 32) = 2^5 \cdot 3^1 \cdot 5^1 \cdot 11^1 = 5280$

$\mathrm{lcm}(12, 15, 22) = 2^2 \cdot 3^1 \cdot 5^1 \cdot 11^1 = 660$

$\mathrm{lcm}(660, 32) = 2^5 \cdot 3^1 \cdot 5^1 \cdot 11^1 = 5280$

Therefore: $\mathrm{lcm}(16, 24, 32, 64) = \mathrm{lcm}((16, 24, 32), 64)$

Proposition 2.8-4:
If $a_1, a_2, \ldots, a_k \in \mathbb{N}$ are pairwise relatively prime, then:

$\mathrm{lcm}(a_1, a_2, \ldots, a_k) = a_1 \cdot a_2 \cdots a_k$.

Proof:

Since no two of the numbers $a_1, a_2, \ldots, a_k$ have any factors in common other than the number 1, we must have:

$\mathrm{lcm}(a_1, a_2, \ldots, a_k) = a_1 \cdot a_2 \cdots a_k$ (2.8-10)
∎

2.9 PROPERTIES OF GCD AND LCM

If $a, b, c$ are nonnegative integers, the following tables present properties of their gcd and lcm. As can be seen from these tables, the properties remain unchanged when the operations of gcd and lcm are interchanged.

Property
Commutative:
Idempotence:
Absorption: $\gcd(a, \mathrm{lcm}(a, b)) = a$
Distributive: $\gcd(m \cdot a, m \cdot b) = m \cdot \gcd(a, b)$

Table 2-2 gcd properties.

Property
$\mathrm{lcm}(a, b) = \mathrm{lcm}(b, a)$
$\mathrm{lcm}(a, \mathrm{lcm}(b, c)) = \mathrm{lcm}(\mathrm{lcm}(a, b), c)$
$\mathrm{lcm}(a, \gcd(a, b)) = a$
$\mathrm{lcm}(m \cdot a, m \cdot b) = m \cdot \mathrm{lcm}(a, b)$

Table 2-3 lcm properties.


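We also have:

1. $\gcd(a, b) \cdot \mathrm{lcm}(a, b) = a \cdot b$ (2.9-1)
2. Paes a ,b)=a if and only if b z
3. $\gcd(a, b) \cdot \mathrm{lcm}(a, b) = a \cdot b$ (2.9-3)
5. $1 \leq \gcd(a, b) \leq \min(a, b)$ (2.9-5)
6. $\mathrm{lcm}(a, b) = \frac{a \cdot b}{\gcd(a, b)}$ (2.9-6)
7. If $\gcd(a, b) = 1$, then $\mathrm{lcm}(a, b) = a \cdot b$ (2.9-7)
8. $\gcd(a, b) = \mathrm{lcm}(a, b)$ if and only if $a = b$ (2.9-8)
9. If $a | c$ and $b | c$, then $\mathrm{lcm}(a, b) | c$. (2.9-9)
10. $\max(a, b) \leq \mathrm{lcm}(a, b) \leq a \cdot b$ (2.9-10)
11. $\gcd(a, b) \,|\, \mathrm{lcm}(a, b)$ (2.9-11)
12. $\mathrm{lcm}(k \cdot a, k \cdot b) = k \cdot \mathrm{lcm}(a, b)$ (2.9-12)

Table 2-4 Dual gcd/lcm properties.

$\max(a, b) + \min(a, b) = a + b$ where $a, b \in \mathbb{N}$.

Proof:

If $\max(a, b) = a$, then $\min(a, b) = b$, and similarly if $\max(a, b) = b$, then $\min(a, b) = a$. Therefore:

$\max(a, b) + \min(a, b) = a + b$ (2.9-13)
∎

$\mathrm{lcm}(a, b) = \frac{a \cdot b}{\gcd(a, b)}$

Proof:

The prime factorizations of $a$ and $b$ can be written as:

$a = p_1^{\alpha_1} \cdot p_2^{\alpha_2} \cdot p_3^{\alpha_3} \cdots p_n^{\alpha_n} = \prod_{k=1}^{n} p_k^{\alpha_k}$ (2.9-14)

$b = p_1^{\beta_1} \cdot p_2^{\beta_2} \cdot p_3^{\beta_3} \cdots p_n^{\beta_n} = \prod_{k=1}^{n} p_k^{\beta_k}$ (2.9-15)

where, by making some of the exponents zero if necessary, the same primes are used in the factorization of both $a$ and $b$. We then have from Propositions 2.8-2 and 2.1-9:

$\mathrm{lcm}(a, b) = \prod_{k} p_k^{\max(\alpha_k, \beta_k)}$ (2.9-16)

$\gcd(a, b) = \prod_{k} p_k^{\min(\alpha_k, \beta_k)}$ (2.9-17)

and so:

$\mathrm{lcm}(a, b) \cdot \gcd(a, b) = \prod_{k} p_k^{\max(\alpha_k, \beta_k)} \cdot \prod_{k} p_k^{\min(\alpha_k, \beta_k)}$ (2.9-18)

$\mathrm{lcm}(a, b) \cdot \gcd(a, b) = \prod_{k} p_k^{\max(\alpha_k, \beta_k) + \min(\alpha_k, \beta_k)}$ (2.9-19)

From Proposition 2.9-1 we then have:

$\mathrm{lcm}(a, b) \cdot \gcd(a, b) = \prod_{k} p_k^{\alpha_k + \beta_k}$ (2.9-20)

or

$\mathrm{lcm}(a, b) \cdot \gcd(a, b) = \prod_{k} p_k^{\alpha_k} \cdot \prod_{k} p_k^{\beta_k} = a \cdot b$ (2.9-21)

and so:

$\mathrm{lcm}(a, b) = \frac{a \cdot b}{\gcd(a, b)}$ (2.9-22)

We can use this equation to compute $\mathrm{lcm}(a, b)$ since the $\gcd(a, b)$ can be obtained using Euclid's algorithm. ∎

Example 2.9-1

Use $\mathrm{lcm}(a, b) = \frac{a \cdot b}{\gcd(a, b)}$ to find $\mathrm{lcm}(799, 187)$.

Solution:
We have $\gcd(799, 187) = 17$ as shown in Example 2.5-1. Therefore:

$\mathrm{lcm}(799, 187) = \frac{799 \cdot 187}{\gcd(799, 187)} = \frac{799 \cdot 187}{17} = 8789$

Example 2.9-2

Use $\mathrm{lcm}(a, b) = \frac{a \cdot b}{\gcd(a, b)}$ to find $\gcd(1350, 1617)$.

Solution:

From Example 2.8-3 we have: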


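If $a | c$ and $b | c$, then $\mathrm{lcm}(a, b) | c$.

Proof:

The prime factorizations of $a$ and $b$ can be written as:

$a = p_1^{\alpha_1} \cdot p_2^{\alpha_2} \cdot p_3^{\alpha_3} \cdots p_n^{\alpha_n} = \prod_{k=1}^{n} p_k^{\alpha_k}$ (2.9-23)

$b = p_1^{\beta_1} \cdot p_2^{\beta_2} \cdot p_3^{\beta_3} \cdots p_n^{\beta_n} = \prod_{k=1}^{n} p_k^{\beta_k}$ (2.9-24)

where, by making some of the exponents zero if necessary, the same primes are used in the factorization of both $a$ and $b$. We then have from Proposition 2.8-2:

$\mathrm{lcm}(a, b) = \prod_{k} p_k^{\max(\alpha_k, \beta_k)}$ (2.9-25)

and so any integer divisible by both $a$ and $b$ will be divisible by $\mathrm{lcm}(a, b)$. ∎

If $\gcd(a, b) = \gcd(a, c)$ and $\mathrm{lcm}(a, b) = \mathrm{lcm}(a, c)$, where $a, b, c \in \mathbb{N}$, then $b = c$.

Proof:
From Proposition 2.9-2, we have:

$a \cdot b = \gcd(a, b) \cdot \mathrm{lcm}(a, b) = \gcd(a, c) \cdot \mathrm{lcm}(a, c) = a \cdot c$ (2.9-26)

Since $a \cdot b = a \cdot c$, we then have $b = c$. ∎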
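Equation (2.9-22) turns Euclid's algorithm into an lcm routine that needs no factoring. The following Python sketch is an added example, not part of the original text; the function names are its own, and returning 0 when an argument is 0 is a convention assumed here rather than taken from the book. It folds the two-argument lcm over a list and checks several of the dual properties by exhaustive search.

```python
from functools import reduce


def gcd(a, b):
    """Euclid's algorithm on absolute values; gcd(0, 0) is returned as 0."""
    a, b = abs(a), abs(b)
    while b:
        a, b = b, a % b
    return a


def lcm(a, b):
    """lcm(a, b) = |a*b| / gcd(a, b), equation (2.9-22); 0 if either argument is 0."""
    if a == 0 or b == 0:
        return 0
    return abs(a * b) // gcd(a, b)


def lcm_many(*nums):
    """Fold pairwise, one integer at a time, as in equation (2.8-9)."""
    return reduce(lcm, nums)


def lcm_by_search(a, b):
    """Definition: the smallest positive common multiple, stepping through multiples."""
    a, b = abs(a), abs(b)
    big, small = max(a, b), min(a, b)
    m = big
    while m % small:
        m += big
    return m


def dual_properties_hold(limit):
    """Check the gcd/lcm relations of section 2.9 for all 1 <= a, b <= limit."""
    for a in range(1, limit + 1):
        for b in range(1, limit + 1):
            g, l = gcd(a, b), lcm(a, b)
            checks = (
                l == lcm_by_search(a, b),                     # agrees with the definition
                g * l == a * b,                               # gcd * lcm = a * b
                1 <= g <= min(a, b),                          # (2.9-5)
                max(a, b) <= l <= a * b,                      # (2.9-10)
                l % g == 0,                                   # (2.9-11)
                (g == l) == (a == b),                         # (2.9-8)
                all(lcm(k * a, k * b) == k * l for k in range(1, 5)),  # (2.9-12)
                # (2.9-9): every common multiple up to a*b is a multiple of the lcm
                all(c % l == 0 for c in range(a, a * b + 1, a) if c % b == 0),
            )
            if not all(checks):
                return False
    return True


if __name__ == "__main__":
    print(gcd(799, 187), lcm(799, 187))
    print(lcm(1350, 1617))
    print(lcm_many(12, 15, 22), lcm_many(12, 15, 22, 32))
    print(dual_properties_hold(20))
```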


2.10 EULER’S PHI-FUNCTION 


In 1763 Euler introduced the number theoretic function known as the $\phi$-function or totient function. The function $\phi(n)$ is defined as the number of positive integers that are equal to or greater than 1 but less than $n$, and that are relatively prime to $n$ (integers $k$ so that $1 \leq k < n$ and $\gcd(k, n) = 1$). The notation $\phi(n)$ for the totient function was first used by Gauss (1801).

If we examine the fractions:

$\frac{1}{9}, \frac{2}{9}, \frac{3}{9}, \frac{4}{9}, \frac{5}{9}, \frac{6}{9}, \frac{7}{9}, \frac{8}{9}$

we see that only the fractions:

$\frac{1}{9}, \frac{2}{9}, \frac{4}{9}, \frac{5}{9}, \frac{7}{9}, \frac{8}{9}$

are reduced to their lowest terms. Therefore 1, 2, 4, 5, 7, 8 are relatively prime to 9. We then have $\phi(9) = 6$.


If and only if $p$ is a prime number will $\phi(p) = p - 1$.

Proof:

Since $p$ is a prime number, all natural numbers less than $p$ will be relatively prime to $p$. That is, $1, 2, 3, \ldots, p - 1$ will be relatively prime to $p$. Therefore $p - 1$ positive integers are less than $p$ and relatively prime to $p$, and so $\phi(p) = p - 1$.

Conversely, if $p$ is a positive integer such that $\phi(p) = p - 1$, then there are $p - 1$ positive integers less than $p$ that are relatively prime to $p$. Since there are only $p - 1$ positive integers less than $p$ (including 1 which is relatively prime to $p$), no positive integer less than $p$ and greater than 1 can be a divisor of $p$, and so $p$ must be a prime number. ∎


Table 2-5 The function $\phi(n)$ for integers $n \leq 18$ (column heading: Integers $< n$ and coprime with $n$).


Totient functions are given in Table 2-5 for the first 18 positive integers, and in Appendix F for the first 250 positive integers. By definition $\phi(1) = 1$. For all integers $n > 1$, $\phi(n) < n$ since $\gcd(n, n) = n$, and so $n$ cannot be relatively prime to $n$.


If and only if $p$ is a prime number and $k > 0$, then:

$\phi(p^k) = p^k - p^{k-1} = p^k \cdot \left(1 - \frac{1}{p}\right) = p^{k-1} \cdot (p - 1)$

Proof:
Let $n$ be a positive integer such that:

$n = p^k$ (2.10-1)

and let $S$ be the set of positive integers $\{1, 2, 3, \ldots, n\}$. Since we have:

$n = p^{k-1} \cdot p$ (2.10-2)

then $p^{k-1}$ of the integers in $S$ will be multiples of $p$. If and only if $p$ is a prime number will all other numbers in $S$ be relatively prime to $p$. Therefore only $p^{k-1}$ of the integers in $S$ will not be relatively prime to $n$. We then have:

$\phi(p^k) = p^k - p^{k-1} = p^k \cdot \left(1 - \frac{1}{p}\right) = p^{k-1} \cdot (p - 1)$ (2.10-3)


If $n \in \mathbb{N}$, then:

(2.10-4)

Proof:

As noted in Section 2.7, the summation notation $\sum_{d|n}$ in equation (2.10-4) means that the sum includes only values of $d$ such that $d$ is a divisor of $n$.

We will define a set $S_d$ to be one containing all positive integers $i$ where $1 \leq i \leq n$ and where $\gcd(i, n) = d$. Therefore all the integers $i$ are grouped into various sets $S_d$ according to their gcd with $n$, where each $i$ belongs to one and only one set defined by $\gcd(i, n) = d$. We also have from Proposition 2.1-10:

$\gcd\left(\frac{i}{d}, \frac{n}{d}\right) = 1$ (2.10-5)

Equation (2.10-5) is then a condition for an integer $i$ to be an element of a given set $S_d$. According to this equation, the integers contained in a set $S_d$ will be those integers less than $n/d$ that are relatively prime to $n/d$.

By definition of Euler's $\phi$-function, the number of integers $i \in \mathbb{N}$ that are less than $n/d$, and that are relatively prime to $n/d$ is $\phi(n/d)$. Therefore the number of elements in a set $S_d$ is $\phi(n/d)$.

Since all positive integers $i$ where $1 \leq i \leq n$ will belong to one and only one set $S_d$, the total number of elements in all the sets $S_d$ is just $n$:

$n = \sum_{d|n} \phi(n/d)$ (2.10-6)

As $n/d$ runs through all the divisors of $n$, so does $d$. We then have:

$n = \sum_{d|n} \phi(n/d) = \sum_{d|n} \phi(d)$ (2.10-7)

Therefore $\sum_{d|n} \phi(n/d)$ and $\sum_{d|n} \phi(d)$ contain the same terms but in opposite order. ∎


Example 2.10-3

Verify Proposition 2.10-3 for $n = 16$.

Solution:

The divisors $d$ of 16 are: 1, 2, 4, 8, and 16. We then have:

$S_1 = \{1, 3, 5, 7, 9, 11, 13, 15\}$

$S_2 = \{2, 6, 10, 14\}$

$S_4 = \{4, 12\}$

$S_8 = \{8\}$

$S_{16} = \{16\}$

All integers from 1 to 16 are included in one of the sets: $S_1$, $S_2$, $S_4$, $S_8$, and $S_{16}$. The total number of elements is:

$\sum_{d|n} \phi(n/d) = \phi(16/1) + \phi(16/2) + \phi(16/4) + \phi(16/8) + \phi(16/16) = 8 + 4 + 2 + 1 + 1 = 16 = n$

$\sum_{d|n} \phi(d) = \phi(1) + \phi(2) + \phi(4) + \phi(8) + \phi(16) = 1 + 1 + 2 + 4 + 8 = 16 = n$
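The counting argument behind Proposition 2.10-3 can be run directly: sort 1..n into the sets defined by gcd(i, n) = d and compare each set's size with the totient of n/d. The following Python sketch is an added example, not part of the original text; the function names are its own, and the totient is computed straight from the definition rather than from a product formula.

```python
from math import gcd


def phi(n):
    """Euler's totient from the definition, with phi(1) = 1 as stated in the text."""
    if n == 1:
        return 1
    return sum(1 for k in range(1, n) if gcd(k, n) == 1)


def divisors(n):
    """Positive divisors of n in increasing order."""
    return [d for d in range(1, n + 1) if n % d == 0]


def gcd_classes(n):
    """Partition {1, ..., n} into sets S_d = {i : gcd(i, n) = d}, one per divisor d."""
    classes = {d: [] for d in divisors(n)}
    for i in range(1, n + 1):
        classes[gcd(i, n)].append(i)
    return classes


def check_divisor_sum(n):
    """True if |S_d| = phi(n/d) for every d | n and the totients of the divisors sum to n."""
    classes = gcd_classes(n)
    sizes_ok = all(len(members) == phi(n // d) for d, members in classes.items())
    covers_all = sum(len(members) for members in classes.values()) == n
    sum_ok = sum(phi(d) for d in divisors(n)) == n
    return sizes_ok and covers_all and sum_ok


def phi_prime_power(p, k):
    """Closed form for a prime power, equation (2.10-3): p^(k-1) * (p - 1)."""
    return p ** (k - 1) * (p - 1)


if __name__ == "__main__":
    for d, members in gcd_classes(16).items():
        print(d, members, phi(16 // d))
    print(all(check_divisor_sum(n) for n in range(1, 201)))
    print(phi(9), phi_prime_power(3, 2))
```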


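If $p$ is a prime number, then:

$\phi(p^{k+1}) = p \cdot \phi(p^k)$

Proof:

From Proposition 2.10-2 we have:

$\phi(p^{k+1}) = p^{k+1} - p^k = p \cdot (p^k - p^{k-1}) = p \cdot \phi(p^k)$ (2.10-8)

Example 2.10-4
If $p$ is a prime and if we have: $\phi(p^{\alpha}) + \sigma(p^{\alpha}) = 2 \cdot p^{\alpha}$, show that $\alpha = 1$.

Solution:
From Proposition 2.10-2 we have:

$\phi(p^{\alpha}) = p^{\alpha} - p^{\alpha-1}$

and from equation 2.7-7:

Therefore:

and so:

$2 \cdot p^{\alpha+1} - 2 \cdot p^{\alpha} + p^{\alpha-1} - 1 = 2 \cdot p^{\alpha+1} - 2 \cdot p^{\alpha}$

or

$p^{\alpha-1} = 1$

Therefore we must have $\alpha = 1$ and so:

$\phi(p) + \sigma(p) = 2 \cdot p$

From Proposition 2.10-1 and equation (2.7-4) we have:

$\phi(p) = p - 1 \qquad \sigma(p) = p + 1$

and so we again obtain:

$\phi(p) + \sigma(p) = (p - 1) + (p + 1) = 2 \cdot p$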


2.11 PERFECT NUMBERS 


The ancient Greeks considered a positive integer $N$ to be a perfect number if the sum of its divisors is equal to twice the number itself:

$\sigma(N) = 2 \cdot N$ (2.11-1)

Such numbers were thought to possess special powers and to be “good” numbers. Perfect numbers have been studied for centuries.

The following theorem appears as Proposition 36 in Book IX of Euclid’s The Elements. It represents Euclid’s formula for finding perfect numbers.


If $2^p - 1$ is a prime number, then $2^{p-1} \cdot (2^p - 1)$ is a perfect number.

Proof:
From Proposition 1.7-1 we know that for $2^p - 1$ to be a prime number where $p > 1$, then $p$ must be prime. Since $2^p - 1$ is prime, its only divisors are 1 and $2^p - 1$. We then have:

$\sigma(2^p - 1) = 1 + (2^p - 1) = 2^p$ (2.11-2)

The divisors of $2^{p-1}$ are: $1, 2, 2^2, 2^3, \ldots, 2^{p-1}$. This means that $2^{p-1}$ and $2^p - 1$ are relatively prime so that:

$\gcd\left[2^{p-1}, (2^p - 1)\right] = 1$ (2.11-3)

From Proposition 2.7-3 we can then write:

$\sigma\left[2^{p-1} \cdot (2^p - 1)\right] = \sigma(2^{p-1}) \cdot \sigma(2^p - 1)$ (2.11-4)

and so from equation (2.7-6):

$\sigma\left[2^{p-1} \cdot (2^p - 1)\right] = (1 + 2 + 2^2 + 2^3 + \cdots + 2^{p-1}) \cdot 2^p$ (2.11-5)

or using equation (2.7-7):

(2.11-6)

Therefore:

$\sigma\left[2^{p-1} \cdot (2^p - 1)\right] = 2 \cdot \left[2^{p-1} \cdot (2^p - 1)\right]$ (2.11-7)

and so $2^{p-1} \cdot (2^p - 1)$ is perfect if $2^p - 1$ is prime. ∎

Table 2-6 First eight perfect numbers.

Euclid’s formula for finding perfect numbers never yields odd perfect numbers. It is not known if odd perfect numbers exist. The first eight perfect numbers in the form $2^{p-1} \cdot (2^p - 1)$ are given in Table 2-6.


If $N = 2^{p-1} \cdot (2^p - 1)$ is an even perfect number, then $2^p - 1$ must be a prime number.

Proof:
Since $N$ is even, we can let $N$ have the form:

$N = 2^{k-1} \cdot c$ (2.11-8)

where $c$ is an odd number and $k > 1$. Since $N$ is a perfect number, we have:

$\sigma(N) = 2 \cdot N$ (2.11-9)

Because $2^{k-1}$ is even and $c$ is odd, we also have:

$\gcd(2^{k-1}, c) = 1$ (2.11-10)

Therefore $\sigma(N)$ is multiplicative:

$\sigma(N) = \sigma(2^{k-1} \cdot c) = \sigma(2^{k-1}) \cdot \sigma(c)$ (2.11-11)

Using equation (2.7-7) we obtain:

$\sigma(N) = \frac{2^k - 1}{2 - 1} \cdot \sigma(c) = (2^k - 1) \cdot \sigma(c)$ (2.11-12)

With equations (2.11-9) and (2.11-8) we can write:

$2 \cdot N = 2 \cdot 2^{k-1} \cdot c = 2^k \cdot c = (2^k - 1) \cdot \sigma(c)$ (2.11-13)

Therefore we see that: $(2^k - 1) \,|\, 2^k \cdot c$. But $(2^k - 1) \nmid 2^k$. From Proposition 2.3-2 we then have: $(2^k - 1) \,|\, c$. This means that:

$c = j \cdot (2^k - 1)$ (2.11-14)

for some $j \in \mathbb{N}$ where $j < c$. From equations (2.11-14) and (2.11-13) we have:

(2.11-15)

$\sigma(c) = 2^k \cdot j$ (2.11-16)

where $\sigma(c)$ is the sum of all divisors of $c$. From equation (2.11-14) we have: $j | c$ and $j \cdot (2^k - 1) | c$. Note that the second of these divisors of $c$ is simply $c$ itself. The sum of these two divisors of $c$ is:

$j + j \cdot (2^k - 1) = 2^k \cdot j = \sigma(c) = j + c$ (2.11-17)

Therefore these two divisors must be the only divisors of $c$. Since there are only two divisors of $c$ and one of them is $c$ itself, then $c$ must be a prime number, and we must have $j = 1$. From equation (2.11-14) we then have:

$c = 2^k - 1$ (2.11-18)

and so $2^k - 1$ is a prime number.

From Proposition 1.7-1 we see that the exponent $k$ must be a prime number $p$ if $2^k - 1$ is prime. Using equation (2.11-18), equation (2.11-8) then becomes:

$N = 2^{p-1} \cdot (2^p - 1)$ (2.11-19)

and so every even perfect number $N$ must be of the form $2^{p-1} \cdot (2^p - 1)$, where $2^p - 1$ is a prime number. ∎
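Both directions of this section can be observed numerically: Euclid's formula generates perfect numbers, and a blind search over small integers finds no even perfect number outside that form. The following Python sketch is an added example, not part of the original text; the function names and the search bound of 10000 are its own choices, and primality is tested by plain trial division.

```python
def is_prime(n):
    """Trial-division primality test; adequate for the sizes used here."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    d = 3
    while d * d <= n:
        if n % d == 0:
            return False
        d += 2
    return True


def euclid_perfect_numbers(max_p):
    """(p, N) for each prime p <= max_p with 2^p - 1 prime, where N = 2^(p-1) * (2^p - 1)."""
    return [
        (p, 2 ** (p - 1) * (2 ** p - 1))
        for p in range(2, max_p + 1)
        if is_prime(p) and is_prime(2 ** p - 1)
    ]


def sigma_table(limit):
    """sigma(n) for every n <= limit, built by adding each d to all of its multiples."""
    s = [0] * (limit + 1)
    for d in range(1, limit + 1):
        for multiple in range(d, limit + 1, d):
            s[multiple] += d
    return s


def perfect_numbers_by_search(limit):
    """Every n <= limit with sigma(n) = 2n, found without using Euclid's formula."""
    s = sigma_table(limit)
    return [n for n in range(1, limit + 1) if s[n] == 2 * n]


def sigma_of_euclid_form(p):
    """sigma(2^(p-1) * q) for prime q = 2^p - 1, from (2.11-4): sigma(2^(p-1)) * sigma(q)."""
    q = 2 ** p - 1
    sigma_power_of_two = 2 ** p - 1  # 1 + 2 + ... + 2^(p-1)
    sigma_q = q + 1                  # a prime has divisors 1 and itself
    return sigma_power_of_two * sigma_q


if __name__ == "__main__":
    found = perfect_numbers_by_search(10000)
    print(found)
    for p, n in euclid_perfect_numbers(31):
        print(p, n, sigma_of_euclid_form(p) == 2 * n)
```

The exponent 11 is prime but does not appear in the output, since $2^{11} - 1 = 2047 = 23 \cdot 89$ is not prime.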


Congruence Concepts    $a \equiv r \pmod{m}$

The theory of congruences concerns the relation of integers to each other as a function of their divisibility. Congruence theory, also known as modular arithmetic, was introduced in 1801 by Carl Friedrich Gauss in his book Disquisitiones Arithmeticae, which is now considered a landmark in number theory (see Gardner, 1981). Gauss wrote this book when he was only twenty. Although work on divisibility problems has a long history predating the publication of Gauss’s book (see Bullynck, 2009), the theory of congruences invented by Gauss is different from previous work, and serves to unify all previous methods. Congruence theory is applicable to a wide range of problems in the many fields that employ number theory.


3.1 THE CONCEPT OF ARITHMETIC CONGRUENCE

For $a \in \mathbb{Z}$ and $m \in \mathbb{N}$ we have from the division algorithm given in Proposition 2.1-4:

$a = q \cdot m + r \qquad 0 \leq r < m$ (3.1-1)

Division by $m$ then leaves only one of the following $m$ possibilities for the remainder $r$: $\{0, 1, 2, 3, \ldots, m - 1\}$.

We can write equation (3.1-1) in the form:

$a - r = q \cdot m$ (3.1-2)

and so:

$m \,|\, (a - r)$ (3.1-3)

If $m \in \mathbb{N}$ and if $m \,|\, (a - r)$ as given by equation (3.1-3), then $a$ is said to be congruent to $r$ for the modulus $m$, or $a$ and $r$ are said to be congruent modulo $m$. This is written using the notation due to Gauss:

$a \equiv r \pmod{m}$ (3.1-4)

where the symbol $\equiv$ is read as congruent to. The term modulus comes from the Latin word meaning little measure. In congruence theory, all integers having the same remainder when divided by a natural number are considered to be equivalent numbers. If $m \nmid (a - r)$, then $a$ is said to be incongruent to $r$ for the modulus $m$. This is written using the notation:

$a \not\equiv r \pmod{m}$ (3.1-5)

where the symbol $\not\equiv$ is read as incongruent to.


$a \equiv b \pmod{m}$ if and only if $a - b = q \cdot m$ for some integer $q$.

Proof:

We are given $a \equiv b \pmod{m}$ and so $m \,|\, (a - b)$. Therefore $a - b = q \cdot m$ for some integer $q$. We then have $a = q \cdot m + b$.

Conversely, if $a - b = q \cdot m$ for some integer $q$, then $m \,|\, (a - b)$ and so $a \equiv b \pmod{m}$. ∎

We see, therefore, that two numbers are considered to be equivalent in the theory of congruences if their difference is an integral multiple of a natural number.


$a \equiv b \pmod{m}$ if and only if $a$ and $b$ leave the same remainder when divided by $m$.

Proof:
From the division algorithm we can write:

$a = q_1 \cdot m + r_1 \qquad 0 \leq r_1 < m$ (3.1-6)

$b = q_2 \cdot m + r_2 \qquad 0 \leq r_2 < m$ (3.1-7)

Then:

$a - b = (q_1 - q_2) \cdot m + (r_1 - r_2)$ (3.1-8)

Letting $q = q_1 - q_2$, we have:

$a - b = q \cdot m + (r_1 - r_2)$ (3.1-9)

In congruence theory $a$ and $b$ are considered congruent modulo $m$ only if their difference is an integral multiple of a natural number $m$ so that $a - b = q \cdot m$ (see Proposition 3.1-1). For $a$ and $b$ to be congruent, therefore, we must have $r_1 - r_2 = 0$ in equation (3.1-9). The remainders $r_1$ and $r_2$ must then be equal: $r_1 = r_2$, and so $a$ and $b$ must have the same remainder when divided by $m$.

Conversely, if $a$ and $b$ have the same remainder when divided by $m$, we have:

$a = q_1 \cdot m + r \qquad 0 \leq r < m$ (3.1-10)

$b = q_2 \cdot m + r \qquad 0 \leq r < m$ (3.1-11)

Then

$a - b = (q_1 - q_2) \cdot m + (r - r) = q \cdot m$ (3.1-12)

where we have let $q = q_1 - q_2$. From Proposition 3.1-1 we then have:

$a \equiv b \pmod{m}$ (3.1-13)
∎
If $b = 0$ in equation (3.1-13), we have:

$a \equiv 0 \pmod{m}$ (3.1-14)

which is another way of writing $m | a$. Therefore the divisibility relation is simply a special case of the congruence relation. We then have:

$k \cdot m \equiv 0 \pmod{m}$ (3.1-15)

where $k \in \mathbb{Z}$ and $m \in \mathbb{N}$. All multiples of the modulus $m$ are congruent to 0 modulo $m$ since all such multiples can be divided by $m$. Therefore multiples of $m$ can be added to or subtracted from any integer modulo $m$ without changing a congruence (see Proposition 3.6-2). Note that neither $k$ nor $m$ need be 0 for $k \cdot m$ to be congruent to 0 modulo $m$.

Finally, we will always have:

$a \equiv 0 \pmod{1}$ (3.1-16)

since all numbers can be divided by 1.

Congruence equations are similar in many respects to algebraic equations, since they are based upon an equality (the equality of remainders). Since the factor $k$ in the algebraic equation $a - r = k \cdot m$ does not appear in the congruence equation $a \equiv r \pmod{m}$, all numbers $a$ that have the same remainder $r$ when divided by the integer $m$ are considered equivalent or congruent. The remainder $r$ is sometimes expressed using an equality (not an equivalence!):

$r = a \bmod m \qquad 0 \leq r < m$ (3.1-17)

Two integers $a$ and $b$ are then considered to be congruent modulo $m$ if:

$a \bmod m = b \bmod m$ (3.1-18)


3.1.1 CONGRUENCE EQUIVALENTS 


The following statements related to congruences are equivalent:
1. $a - b = k \cdot m$ where $k \in \mathbb{Z}$, and $m \in \mathbb{N}$.
2. $a$ and $b$ have the same remainder when divided by $m$.
3. $m \,|\, (a - b)$.
4. $a \equiv b \pmod{m}$.

3.1.2 CONGRUENCE PROPERTIES

The properties of reflexivity, symmetry, and transitivity that all congruences possess are the three defining conditions for an equivalence relation. It is for this reason that congruences are known as equivalence relations.
1. Reflexivity: $a \equiv a \pmod{m}$.
2. Symmetry: If $a \equiv b \pmod{m}$, then $b \equiv a \pmod{m}$.
3. Transitivity: If $a \equiv b \pmod{m}$ and $b \equiv c \pmod{m}$, then $a \equiv c \pmod{m}$.


Proof:
1. This can be written as $m \,|\, (a - a)$ or $m \,|\, 0$ which is obviously true. Every number is congruent to itself.
2. If $m \,|\, (a - b)$ then $m \,|\, (b - a)$, which can be written as $b \equiv a \pmod{m}$.
3. If $m \,|\, (a - b)$ and $m \,|\, (b - c)$ then $m \,|\, [(a - b) + (b - c)]$ and so $m \,|\, (a - c)$, which, in turn, can be written as $a \equiv c \pmod{m}$.
∎

Example 3.1-1

Write the congruences: $41 \equiv 19 \pmod{11}$ and $19 \equiv 8 \pmod{11}$ as one congruence using the transitivity of congruences.

Solution:

It is possible to eliminate 19 from the congruences:

$41 \equiv 19 \pmod{11}$
$19 \equiv 8 \pmod{11}$

using the transitivity of congruences given in Proposition 3.1-3:

$41 \equiv 8 \pmod{11}$

Example 3.1-2

Show that the following congruences are valid.
1. $38 \equiv 20 \pmod{9}$
2. $31 \equiv 7 \pmod{6}$
3. $121 \equiv 0 \pmod{11}$

Solution:
1. $9 \,|\, (38 - 20) = 9 \,|\, 18 = 2$ which is an integer.
2. $6 \,|\, (31 - 7) = 6 \,|\, 24 = 4$ which is an integer.
3. $11 \,|\, (121 - 0) = 11 \,|\, 121 = 11$ which is an integer.

Example 3.1-3

Are 37/12 and 25/12 congruent to each other?

Solution:

Therefore 37 and 25 both have the same remainder when divided by 12, and so are congruent modulo 12:

$37 \equiv 25 \pmod{12}$


Example 3.1-4

Write the following equations as congruences.
1. $\frac{37 - 7}{5} = 6$
2. $\frac{33}{11} = 3$
3. $\frac{x - 5}{3} = k$

Solution:
1. $37 \equiv 7 \pmod{5}$
2. $33 \equiv 0 \pmod{11}$
3. $x \equiv 5 \pmod{3}$

Example 3.1-5

Write the following equations as congruences.
1. $31 - 1 = 5 \cdot k$
2. $26 = k \cdot 12 + 2$
3. $15 - 2 \cdot k = 7$
4. $44 = 5 \cdot 8 + 4$

Solution:
1. $31 \equiv 1 \pmod{5}$ or $31 \equiv 1 \pmod{k}$
2. $26 \equiv 2 \pmod{12}$ or $26 \equiv 2 \pmod{k}$
3. $15 \equiv 7 \pmod{2}$ or $15 \equiv 7 \pmod{k}$
4. $44 \equiv 4 \pmod{8}$ or $44 \equiv 4 \pmod{5}$

Example 3.1-6

For which natural numbers $m$ are the following congruences valid?
1. $15 \equiv 1 \pmod{m}$
2. $80 \equiv 3 \pmod{m}$
3. $25 \equiv 1 \pmod{m}$

Solution:
1. $m = 1, 2, 7, 14$
2. $m = 1, 7, 11, 77$
3. $m = 1, 2, 3, 4, 6, 8, 12, 24$

Example 3.1-7

Express the numbers:

31, 26, 21, 16, 11, 6

in terms of a congruence.

Solution:

$31 \equiv 26 \equiv 21 \equiv 16 \equiv 11 \equiv 6 \equiv 1 \pmod{5}$

since the numbers $31 - 1$, $26 - 1$, $21 - 1$, $16 - 1$, $11 - 1$, and $6 - 1$ are all multiples of 5, they are all equivalent.


Example 3.1-8
Write these congruences as equalities:
1. $28 \equiv 1 \pmod{9}$
2. $a \equiv b \pmod{10}$

Solution:
1. $28 - 1 = 27 = 3 \cdot 9$
2. $a - b = k \cdot 10$


Example 3.1-9

Find the unit digits of the sum:

$S = 8076 + 3771 + 9867 + 5221$

Solution:

Using a modulus of 10, the numbers in the sum $S$ become:

$8076 = 807 \cdot 10 + 6 \equiv 6 \pmod{10}$
$3771 = 377 \cdot 10 + 1 \equiv 1 \pmod{10}$
$9867 = 986 \cdot 10 + 7 \equiv 7 \pmod{10}$
$5221 = 522 \cdot 10 + 1 \equiv 1 \pmod{10}$

since multiples of the modulus are congruent to 0. Therefore:

$8076 + 3771 + 9867 + 5221 \equiv 6 + 1 + 7 + 1 = 15 \equiv 5 \pmod{10}$

Therefore the unit digit of the sum $S$ is 5. Note that using congruences is much easier than computing the sum:

$S = 8076 + 3771 + 9867 + 5221 = 26935$

to find that the unit digit is 5.


Example 3.1-10

Verify Proposition 3.1-2 for the congruence $319 \equiv 289 \pmod{5}$

Solution:

Given:

$319 \equiv 289 \pmod{5}$

we have:

$319 = 63 \cdot 5 + 4$
$289 = 57 \cdot 5 + 4$

and so the remainder is the same for 319 and 289 when divided by 5 as is expected from Proposition 3.1-2. We then have:

$319 \equiv 4 \pmod{5}$
$289 \equiv 4 \pmod{5}$

Example 3.1-11

If $a = q_1 \cdot m + r_1$ and $b = q_2 \cdot m + r_2$ where $0 \leq r_1, r_2 < m$, show that $a \equiv b \pmod{m}$ if and only if $r_1 = r_2$.

Solution:

We wish to show that $m \,|\, (a - b)$ if and only if $r_1 = r_2$. We have:

$a - b = (q_1 - q_2) \cdot m + (r_1 - r_2)$

and so $m \,|\, (a - b)$ if and only if $m \,|\, (r_1 - r_2)$. Since $0 \leq r_1, r_2 < m$, we can have $m \,|\, (r_1 - r_2)$ if and only if $r_1 = r_2$.

Proposition 3.1-4 (Euclid’s lemma):
If $p$ is a prime number and $a \cdot b \equiv 0 \pmod{p}$, then we have $a \equiv 0 \pmod{p}$ or $b \equiv 0 \pmod{p}$.

Proof:
This proposition is identical to Proposition 2.4-1 and the proof is the same. ∎

Proposition 3.1-5 (Cancellation theorem):
If $a \cdot c \equiv b \cdot c \pmod{m}$ and $\gcd(c, m) = 1$, then $a \equiv b \pmod{m}$.

Proof:
We are given:

$a \cdot c \equiv b \cdot c \pmod{m}$ (3.1-19)

and so $m \,|\, (a - b) \cdot c$. Since $\gcd(c, m) = 1$, we must have $m \,|\, (a - b)$. Therefore:

$a \equiv b \pmod{m}$ (3.1-20)

Example 3.1-12

Can a common factor be cancelled from the congruence: $32 \equiv 14 \pmod{3}$?

Solution:
We can rewrite the congruence as:

$16 \cdot 2 \equiv 7 \cdot 2 \pmod{3}$

From Proposition 3.1-5, the factor 2 can be cancelled since:

$\gcd(2, 3) = 1$

and so we have:

$16 \equiv 7 \pmod{3}$

If $a \equiv b \pmod{m}$ and $0 \leq |a - b| < m$, then $a = b$.

Proof:
We are given:

$a \equiv b \pmod{m}$ (3.1-21)

and so $m \,|\, (a - b)$. Therefore we have $|a - b| \geq m$ and not $0 \leq |a - b| < m$ unless $a = b$. ∎


3.2 FINITE NUMBER SYSTEM CONGRUENCES

Modular arithmetic arises naturally when operating in any finite number system. Such systems, being finite, have a largest number $m$, and so repeat themselves every $m$ units. In other words, such systems become cyclical with a period of $m$ units. All operations in a finite number system then generally become modulo $m$. All multiples of $m$ can then be ignored. If the difference between two integers $a$ and $b$ is a multiple of $m$, we have $a - b = k \cdot m$, and we can write:

$a = k \cdot m + b \qquad 0 \leq b < m$ (3.2-1)

where all the $k$ multiples of $m$ do not contribute to the congruence equation:

$a \equiv b \pmod{m}$ (3.2-2)

An example of such a finite system (which we encounter daily) is the 12 hour clock. It has a modulus of 12 (there is no number greater than 12 in this system). Because the finite clock system is so familiar to us, modular arithmetic is also known as clock arithmetic.


Example 3.2-1
What time is:
1. 5 hours after 10 o'clock?
2. 25 hours after 10 o'clock?

Solution:

1. $10 + 5 = 15 \equiv 3 \pmod{12}$. Clock reads 3 o'clock.
$15 = 12 + 3$. The 12 can be ignored.

2. $10 + 25 = 35 \equiv 11 \pmod{12}$. Clock reads 11 o'clock.
$35 = 12 + 12 + 11 = 2 \cdot 12 + 11$. The multiples of 12 can be ignored.

Example 3.2-2
If today is Wednesday, what day of the week will it be 45 days from now?


3.3 RESIDUE CLASS 


When $a \equiv b \pmod{m}$, then $a$ and $b$ are each called a residue of the other, modulo $m$. If $a \not\equiv b \pmod{m}$, then $a$ and $b$ are each called a nonresidue of the other, modulo $m$. The term residue is used rather than remainder since $a$ and $b$ can be greater than $m$, and they can be negative. A number $a$ can have an infinite number of residues. Only one of these residues will be zero or positive and less than $m$; this residue is known as the least residue modulo $m$. The least residue is clearly the same as the remainder.

From the division algorithm (Proposition 2.1-4) for $a/m$ we have:

$a = k \cdot m + r \qquad 0 \leq r < m$ (3.3-1)

where $r$ is the least residue modulo $m$ since $0 \leq r < m$. From the division algorithm we know that the integer $r$ is uniquely determined. Equation (3.3-1) can be written as:

$a - r = k \cdot m$ (3.3-2)

or as a congruence:

$a \equiv r \pmod{m}$ (3.3-3)

and so the remainder $r$ is congruent to $a$. This means that $a$ will be congruent to one and only one of the least residues $\{0, 1, 2, 3, \ldots, m - 1\}$ as is shown in Proposition 3.3-1. This set of least residues is known as the least residue system modulo $m$.


Every integer $a$ is congruent modulo $m$ to one and only one of the least residues: $\{0, 1, 2, 3, \ldots, m - 1\}$.

Proof:
Let us assume that $r_1$ and $r_2$ are two different least residues among $\{0, 1, 2, 3, \ldots, m - 1\}$ to which $a$ is congruent modulo $m$. We then have:

$a \equiv r_1 \pmod{m} \qquad a \equiv r_2 \pmod{m}$ (3.3-4)

Therefore:

$r_1 \equiv r_2 \pmod{m}$ (3.3-5)

and so $m \,|\, (r_1 - r_2)$. However, since $0 \leq r_1 < m$ and $0 \leq r_2 < m$, we have $0 \leq |r_1 - r_2| < m$. This means that $m \,|\, (r_1 - r_2)$ is possible only if $r_1 = r_2$. Therefore every integer $a$ must be congruent modulo $m$ to one and only one of the least residues $\{0, 1, 2, 3, \ldots, m - 1\}$.


Since the remainder r is unique for any a/m, it is possible 
to categorize all integers modulo m into classes based upon the 
least residue r. Each residue class, congruence class, or 
equivalence class modulo m consists of all integers a 
congruent to the least residue r. If $a \equiv r \pmod{m}$, then a and r
are in the same residue class. 

The modulus then specifies the number of classes into 
which integers are being divided. A given modulus m 
partitions the set of integers into a system of m distinct residue 
classes as shown in Proposition 3.3-1. The m least residues are 
all incongruent, and the set of integers $\{0,1,2,3,\ldots,m-1\}$ is
known as a complete least residue system modulo m. 

Any m incongruent integers will always form a complete 
residue system modulo m, and every complete residue system 
consists of m incongruent integers modulo m. Any integer a 
will always be congruent modulo m to exactly one member of a 
complete residue system. 

Any two integers of a given residue class are congruent to 
each other. No integer can be a member of more than one 
residue class modulo m. Two integers in different residue 


classes are mutually incongruent. 


Two integers a and b are in the same residue class if and only if $a \equiv b \pmod{m}$.

Proof:
Follows from the definition of a residue class. ∎


Residue classes are denoted by 7, with each class 


containing integers equal to r plus or minus all multiples of m:

$r \bmod m = \{r,\ r \pm m,\ r \pm 2\cdot m,\ r \pm 3\cdot m,\ \ldots\}$ (3.3-6)


Since each residue class consists of the least residue r plus or 
minus multiples of the modulus m, all elements of a residue 
class will have the same gcd(r,m) as shown in Proposition 
3.3-4. 

A set of integers $r_i$ consisting of only the residue classes that are relatively prime to m is designated a reduced residue system modulo m. For a reduced residue system, we then have $\gcd(r_i,m)=1$ and $r_i \not\equiv r_j \pmod{m}$ for $i \ne j$. In a reduced residue system modulo m, therefore, each residue is pairwise relatively prime to m. Every integer that is prime to m is congruent modulo m to some number $r_i$ of the reduced residue system modulo m. Euler used his φ-function or totient function $\phi(m)$ to designate the number of positive integers that are less than m and that are relatively prime to m. A reduced residue system modulo m then consists of $\phi(m)$ integers, and is a subset of the complete residue system modulo m.

Example 3.3-1 


Which least residues must every integer a be congruent to modulo 5?

Solution:

One of the following congruence equations must hold for any integer a modulo 5:

$a \equiv 0 \pmod{5}$
$a \equiv 1 \pmod{5}$
$a \equiv 2 \pmod{5}$
$a \equiv 3 \pmod{5}$
$a \equiv 4 \pmod{5}$

Therefore a modulo 5 must be congruent to one of the following least residues: $\{0,1,2,3,4\}$.


Example 3.3-2 


Give the complete residue system and residue classes for $m=4$. Also give the reduced residue system for $m=4$.

Solution:

For $m=4$ the complete residue system modulo 4 is $\{0,1,2,3\}$. The corresponding residue classes are 0, 1, 2, and 3:

$0 \bmod 4 = \{0,\ 0\pm 4,\ 0\pm 2\cdot 4,\ 0\pm 3\cdot 4,\ \ldots\} = \{\ldots,-12,-8,-4,0,4,8,12,\ldots\}$
$1 \bmod 4 = \{1,\ 1\pm 4,\ 1\pm 2\cdot 4,\ 1\pm 3\cdot 4,\ \ldots\} = \{\ldots,-11,-7,-3,1,5,9,13,\ldots\}$
$2 \bmod 4 = \{2,\ 2\pm 4,\ 2\pm 2\cdot 4,\ 2\pm 3\cdot 4,\ \ldots\} = \{\ldots,-10,-6,-2,2,6,10,14,\ldots\}$
$3 \bmod 4 = \{3,\ 3\pm 4,\ 3\pm 2\cdot 4,\ 3\pm 3\cdot 4,\ \ldots\} = \{\ldots,-9,-5,-1,3,7,11,15,\ldots\}$

The positive integers less than 4 that are relatively prime to 4 are 1 and 3. Therefore the reduced residue system modulo 4 is $\{1,3\}$. Note that $\phi(4)=2$.


Any m consecutive integers will form a complete residue system modulo m.

Proof:

From Proposition 3.3-1 we know that any integer a is congruent to one and only one of the least residues $r=\{0,1,2,3,\ldots,m-1\}$. Therefore these least residues form a complete residue system modulo m and we have $a \equiv r \pmod{m}$.

Any m consecutive integers can be written as in the set R:

$R=\{b,\ b+1,\ b+2,\ b+3,\ \ldots,\ b+(m-1)\}$ (3.3-7)

If such integers form a complete residue system, any integer a must then satisfy:

$a \equiv b+r \pmod{m} \qquad 0 \le r < m$ (3.3-8)

where any integer a is congruent to one and only one of the integers in the set R.

To show that every integer a is congruent to one and only one of the integers in the set R, we assume the opposite:

$a \equiv b+r_1 \pmod{m} \qquad a \equiv b+r_2 \pmod{m}$ (3.3-9)

or

$a-b \equiv r_1 \pmod{m} \qquad a-b \equiv r_2 \pmod{m}$ (3.3-10)

and so these equations state that $a-b$ is congruent to two distinct elements $r_1$ and $r_2$ of the complete least residue system $\{0,1,2,3,\ldots,m-1\}$. But from Proposition 3.3-1 we know that this is impossible. Therefore we must have $r_1=r_2$, and so every integer a is congruent to one and only one of m consecutive integers. Any m consecutive integers will then form a complete residue system modulo m. Any m incongruent integers will also form a complete residue system modulo m. ∎


Example 3.3-3 


Determine if $\{4,5,6,7,8,9,10\}$ is a complete residue system modulo 7.

Solution:

We have modulo 7:

$4 \equiv 4 \pmod{7}$
$5 \equiv 5 \pmod{7}$
$6 \equiv 6 \pmod{7}$
$7 \equiv 0 \pmod{7}$
$8 \equiv 1 \pmod{7}$
$9 \equiv 2 \pmod{7}$
$10 \equiv 3 \pmod{7}$

Therefore each element of $\{4,5,6,7,8,9,10\}$ is congruent in some order to one and only one of $\{0,1,2,3,4,5,6\}$ modulo 7 and so $\{4,5,6,7,8,9,10\}$ does form a complete residue system modulo 7.


Example 3.3-4 
What modulus is $\{\ldots,-32,-21,-10,1,12,23,34,\ldots\}$ a residue class of?

Solution:

$\{\ldots,-32,-21,-10,1,12,23,34,\ldots\}$

is a residue class of $1 \bmod 11$ as can be seen from:

$\{1\pm 0\cdot 11,\ 1\pm 1\cdot 11,\ 1\pm 2\cdot 11,\ 1\pm 3\cdot 11,\ \ldots\}$


Example 3.3-5 


If $a_1$, $a_2$, $a_3$, and $a_4$ are integers such that no two are congruent modulo 4, do they form a complete residue system modulo 4?

Solution:

Since $a_i \not\equiv a_j \pmod{4}$ where $i \ne j$, in some order $a_1$, $a_2$, $a_3$, and $a_4$ must be congruent to 0, 1, 2, and 3 modulo 4. Only one $a_i$ can then be in each of the 4 residue classes 0, 1, 2, and 3. Therefore $\{a_1,a_2,a_3,a_4\}$ forms a complete residue system modulo 4.


Example 3.3-6 


Determine the reduced residue system associated with the following complete residue system:

$\{0,1,2,3,4,5,6,7,8,9,10,11,12,13\}$

Solution:

The complete residue system:

$\{0,1,2,3,4,5,6,7,8,9,10,11,12,13\}$

is modulo 14. Numbers that are prime to 14 are:

$\{1,3,5,9,11,13\}$

and so this is the reduced residue system modulo 14.


Example 3.3-7 


If p is a prime number, what is the reduced residue system modulo p?

Solution:

The integers $\{1,2,3,\ldots,p-1\}$ are all relatively prime to p and so form a reduced residue system modulo p. Note that $\phi(p)=p-1$.


Example 3.3-8 


Is it possible for a reduced residue system modulo m to have the same number of elements as a reduced residue system modulo n when $m \ne n$?

Solution:

Yes, since we can have $\phi(m)=\phi(n)$ when $m \ne n$ as can be seen in Appendix F.


Example 3.3-9 


Find the least residue of 10! modulo 11. 


Solution: 


The solution is easier if the factors are grouped:

$10! = (1\cdot 2\cdot 3\cdot 4)\cdot(5\cdot 6)\cdot(7\cdot 8)\cdot(9\cdot 10)$

or

$10! = (24)\cdot(30)\cdot(56)\cdot(90) \equiv (2)\cdot(8)\cdot(1)\cdot(2) = 32 \pmod{11}$

Therefore:

$10! \equiv 10 \pmod{11}$

and so the least residue of 10! modulo 11 is 10.


Example 3.3-10 


If p is a prime number where $p>3$, show that $p \equiv \pm 1 \pmod{6}$.

Solution:

We can write $p \equiv r \pmod{6}$ where we are trying to determine r. We then have:

$p = 6\cdot q + r$

Since p is an odd number, r must be odd. Therefore r can be 1, 3, or 5. However if $r=3$, then we have $p=6\cdot q+3$. Since 3 divides the right hand side of this equation, we must have $3 \mid p$. But this is impossible since $p>3$. Therefore $r=1$ or $r=5$, and so we have:

$p \equiv 1 \pmod{6}$ or $p \equiv 5 \pmod{6}$

or

$p \equiv \pm 1 \pmod{6}$


If $a \equiv b \pmod{m}$, then $\gcd(a,m)=\gcd(b,m)$.

Proof:
Since $a \equiv b \pmod{m}$ we must have:

$a-b = q\cdot m$ (3.3-11)

or

$a = q\cdot m + b \qquad 0 \le b < m$ (3.3-12)

From Proposition 2.1-15, we then have: $\gcd(a,m)=\gcd(b,m)$ ∎

From Proposition 3.3-4 we see that the gcd of an integer and its modulus will equal the gcd of any congruent integer and the same modulus. Therefore if a and b are elements of the same residue class modulo m, then $\gcd(a,m)=\gcd(b,m)$.


If $\gcd(a,m)=1$ and $\{r_1,r_2,r_3,\ldots,r_m\}$ is a complete residue system modulo m, then $\{a\cdot r_1,\ a\cdot r_2,\ a\cdot r_3,\ \ldots,\ a\cdot r_m\}$ is also a complete residue system modulo m, and is congruent to $\{r_1,r_2,r_3,\ldots,r_m\}$ in some order.

Proof:

We are given $\gcd(a,m)=1$ and, since $\{r_1,r_2,r_3,\ldots,r_m\}$ is a complete residue system, we have from Proposition (3.3-4):

$\gcd(r_i,m)=1 \qquad 1 \le i \le m$ (3.3-13)

From Proposition 2.3-3, we then obtain:

$\gcd(a\cdot r_i,m)=1 \qquad 1 \le i \le m$ (3.3-14)

The number of elements in the set $\{a\cdot r_1,\ a\cdot r_2,\ a\cdot r_3,\ \ldots,\ a\cdot r_m\}$ is the same as in the set $\{r_1,r_2,r_3,\ldots,r_m\}$. We also have:

$a\cdot r_i \not\equiv a\cdot r_j \pmod{m}$ (3.3-15)

because if the congruence existed, a could be cancelled since $\gcd(a,m)=1$, and we would have:

$r_i \equiv r_j \pmod{m}$ (3.3-16)

for some i and j where $1 \le i \le m$ and $1 \le j \le m$. Equation (3.3-16) is not consistent, however, with the fact that the set $\{r_1,r_2,r_3,\ldots,r_m\}$ is a complete residue system. Therefore $r_i \not\equiv r_j$, and so the $a\cdot r_i$ are all incongruent and are distinct residue classes forming a complete residue system modulo m.

For any given $a\cdot r_i$ it is possible then to find an integer $0 \le d < m$ such that:

$a\cdot r_i \equiv d \pmod{m}$ (3.3-17)

From Proposition 3.3-4, we then have:

$\gcd(a\cdot r_i,m)=\gcd(d,m)$ (3.3-18)

and so d must be one of the $r_i$ in the complete residue system modulo m: $\{r_1,r_2,r_3,\ldots,r_m\}$. This means that, in some order, the elements of the set $\{a\cdot r_1,\ a\cdot r_2,\ a\cdot r_3,\ \ldots,\ a\cdot r_m\}$ are congruent modulo m with the elements of the least residue set $\{r_1,r_2,r_3,\ldots,r_m\}$. ∎


3.4 EULER’S PHI-FUNCTION 
Proposition 3.4-1:

$\phi(n)$ is a multiplicative function.

Proof:

Multiplicative functions are defined in Section 2.6. To show that $\phi(n)$ is a multiplicative function, we must show that:

$\phi(m\cdot n)=\phi(m)\cdot\phi(n)$ (3.4-1)

when $\gcd(m,n)=1$. Therefore we will take $\gcd(m,n)=1$. When $\phi(m)=1$ or $\phi(n)=1$, equation (3.4-1) obviously holds.

We will now consider the case when $\phi(m)>1$ and $\phi(n)>1$. A complete residue system for modulo $m\cdot n$ can be written as:

$$\begin{array}{ccccc}
0 & 1 & 2 & \cdots & m-1 \\
m & m+1 & m+2 & \cdots & m+(m-1) \\
2\cdot m & 2\cdot m+1 & 2\cdot m+2 & \cdots & 2\cdot m+(m-1) \\
\vdots & \vdots & \vdots & & \vdots \\
(n-1)\cdot m & (n-1)\cdot m+1 & (n-1)\cdot m+2 & \cdots & (n-1)\cdot m+(m-1)
\end{array}$$

Each row is a complete residue system for modulo m and each column is a complete residue system for modulo n. This complete residue system modulo $m\cdot n$ has $m\cdot n$ consecutive integers.

Of these $m\cdot n$ integers, $\phi(m\cdot n)$ are relatively prime to $m\cdot n$, and so constitute a reduced residue system modulo $m\cdot n$. Of the residues in any given row, $\phi(m)$ of them will be relatively prime to m. Of the residues in any given column, $\phi(n)$ of them will be relatively prime to n. There are then $\phi(m)\cdot\phi(n)$ integers relatively prime to $m\cdot n$ since we have $\gcd(m,n)=1$. Therefore we have $\phi(m\cdot n)=\phi(m)\cdot\phi(n)$ when $\gcd(m,n)=1$. We can conclude that Euler's $\phi(n)$ function is a multiplicative function. ∎


Solution:

Since n is odd, we have $\gcd(4,n)=1$. Therefore $\phi(4\cdot n)$ is multiplicative, and so:

$\phi(4\cdot n)=\phi(4)\cdot\phi(n)$

or

$\phi(4\cdot n)=2\cdot\phi(n)$


Example 3.4-2 
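Since $12=3\cdot 4=2\cdot 6$, does $\phi(12)=\phi(3)\cdot\phi(4)=\phi(2)\cdot\phi(6)$?

Solution:
$\phi(12)=4 \qquad \phi(3)=2 \qquad \phi(4)=2 \qquad \phi(2)=1 \qquad \phi(6)=2$
and so:
$\phi(12)=\phi(3)\cdot\phi(4)=2\cdot 2=4$
$\phi(12)\ne\phi(2)\cdot\phi(6)=1\cdot 2=2$
Therefore:
$\phi(12)=\phi(3)\cdot\phi(4)\ne\phi(2)\cdot\phi(6)$
since $\gcd(3,4)=1$ while $\gcd(2,6)=2\ne 1$.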


Example 3.4-3 
Verify Proposition 3.4-1 for $\phi(45)$.
Solution:
$45=5\cdot 9$
$\gcd(5,9)=1$
From Appendix F we have:
$\phi(5)=4 \qquad \phi(9)=6 \qquad \phi(45)=24$
and so:
$\phi(45)=24=4\cdot 6=\phi(5)\cdot\phi(9)$

Therefore $\phi(45)$ is multiplicative.

$\phi(45)=24$ can be checked by listing the integers less than 45 that are relatively prime to 45:
$\{1,2,4,7,8,11,13,14,16,17,19,22,23,26,28,29,31,32,34,37,38,41,43,44\}$
There are 24 integers in this set and $\phi(45)=24$.


If the prime factorization of a natural number n is:

Proof:
Since $\phi(n)$ is multiplicative, we have:

$\phi(n)=\phi(p_1^{\alpha_1})\cdot\phi(p_2^{\alpha_2})\cdots\phi(p_k^{\alpha_k})$ (3.4-2)

From Proposition 2.10-2 we can write:

$\phi(n)=p_1^{\alpha_1}\left(1-\frac{1}{p_1}\right)\cdot p_2^{\alpha_2}\left(1-\frac{1}{p_2}\right)\cdots p_k^{\alpha_k}\left(1-\frac{1}{p_k}\right)$ (3.4-3)

(3.4-4)

or

$\phi(n)=n\cdot\prod_{i=1}^{k}\left(1-\frac{1}{p_i}\right)=n\cdot\prod_{i=1}^{k}\frac{p_i-1}{p_i}$ (3.4-5)
∎

If $n>2$, then $\phi(n)$ is an even integer.

Proof:
If n is an even integer, we can let $n=2^k\cdot c$ where $k \ge 2$ and c is an odd integer. We then have $\gcd(2^k,c)=1$, and so:

$\phi(n)=\phi(2^k\cdot c)=\phi(2^k)\cdot\phi(c)$ (3.4-6)

since Euler's φ-function is multiplicative. Using Proposition 2.10-2, we have:

$\phi(n)=2^k\cdot\left(1-\frac{1}{2}\right)\cdot\phi(c)=2^{k-1}\cdot\phi(c)$ (3.4-7)

and so $\phi(n)$ is an even integer if n is an even integer.

If n is an odd integer, it will have some odd prime number p as a factor. Let $n=p^k\cdot c$ where $k \ge 1$ and c is some other odd integer. We then have $\gcd(p^k,c)=1$ and so:

$\phi(n)=\phi(p^k\cdot c)=\phi(p^k)\cdot\phi(c)$ (3.4-8)

since Euler's φ-function is multiplicative. Using Proposition 2.10-2, we have:

$\phi(n)=p^{k-1}\cdot(p-1)\cdot\phi(c)$ (3.4-9)

Since p is odd, $p-1$ is even, and so we have $\phi(n)$ is an even integer if n is an odd integer.

Therefore if $n>2$, $\phi(n)$ is an even integer. ∎


If and only if p and q are two different prime numbers, then: 


Proof:
Since φ is a multiplicative function and since p and q are two different prime numbers, $\gcd(p,q)=1$. Therefore:

$\phi(p\cdot q)=\phi(p)\cdot\phi(q)$ (3.4-10)

From Proposition 2.10-1 we obtain:

$\phi(p)=p-1$ (3.4-11)

$\phi(q)=q-1$ (3.4-12)

if and only if p and q are prime numbers. Therefore:

$\phi(p\cdot q)=\phi(p)\cdot\phi(q)=(p-1)\cdot(q-1)$ (3.4-13)

Example 3.4-5
If p is a prime number, does $\phi(p\cdot p)=(p-1)^2$?

Solution:

From Proposition 3.4-4, we have:

$\phi(p\cdot q)=\phi(p)\cdot\phi(q)=(p-1)\cdot(q-1)$

if and only if p and q are two different prime numbers, and so are relatively prime. However, since p is not relatively prime to itself:

$\phi(p\cdot p)\ne\phi(p)\cdot\phi(p)$

and so:

$\phi(p\cdot p)\ne(p-1)^2$

Instead from Proposition 2.10-2 we have:

$\phi(p\cdot p)=\phi(p^2)=p^2-p=p\cdot(p-1)$
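
The values quoted in Examples 3.3-6 and 3.4-2 through 3.4-5 can be checked mechanically. The Python below is an added example, not taken from the book; its function names are hypothetical. It builds the reduced residue system from the gcd definition, computes $\phi(n)$ from the prime factorization, and measures how far $\phi(m\cdot n)$ falls from $\phi(m)\cdot\phi(n)$ when $\gcd(m,n)\ne 1$.

```python
from math import gcd


def reduced_residue_system(m):
    """Least residues r (0 <= r < m) that are relatively prime to m."""
    if m < 1:
        raise ValueError("modulus must be a natural number")
    return [r for r in range(m) if gcd(r, m) == 1]


def prime_factorization(n):
    """Return {prime: exponent} for n >= 1 using trial division."""
    if n < 1:
        raise ValueError("n must be a natural number")
    factors = {}
    p = 2
    while p * p <= n:
        while n % p == 0:
            factors[p] = factors.get(p, 0) + 1
            n //= p
        p += 1
    if n > 1:  # whatever is left is a single prime factor
        factors[n] = factors.get(n, 0) + 1
    return factors


def phi(n):
    """Euler's phi as the product of p^(k-1) * (p - 1) over prime powers p^k."""
    result = 1
    for p, k in prime_factorization(n).items():
        result *= p ** (k - 1) * (p - 1)
    return result


def phi_by_counting(n):
    """Euler's phi as the size of the reduced residue system modulo n."""
    return len(reduced_residue_system(n))


def multiplicative_gap(m, n):
    """phi(m*n) - phi(m)*phi(n); this is zero whenever gcd(m, n) == 1."""
    return phi(m * n) - phi(m) * phi(n)


if __name__ == "__main__":
    print("reduced residue system mod 14:", reduced_residue_system(14))
    print("phi(45) by formula / by counting:", phi(45), phi_by_counting(45))
    for m, n in [(3, 4), (2, 6), (5, 9), (5, 5)]:
        print(f"gcd({m},{n})={gcd(m, n)}  phi({m * n})={phi(m * n)}  "
              f"phi({m})*phi({n})={phi(m) * phi(n)}  gap={multiplicative_gap(m, n)}")
```
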


$\phi(2\cdot n)=\phi(n)$ if and only if n is an odd integer.

Proof:
If n is an odd integer, $\gcd(2,n)=1$, and so:

$\phi(2\cdot n)=\phi(2)\cdot\phi(n)=\phi(n)$ (3.4-14)

Conversely, if n is an even integer we can write $n=2^k\cdot c$ where c is an odd integer and $k \ge 1$. We then have:

$\phi(n)=\phi(2^k\cdot c)=\phi(2^k)\cdot\phi(c)$ (3.4-15)

$\phi(2\cdot n)=\phi(2^{k+1}\cdot c)=\phi(2^{k+1})\cdot\phi(c)$ (3.4-16)

Since 2 is a prime number, using Proposition 2.10-2, we obtain:

$\phi(n)=2^{k-1}\cdot(2-1)\cdot\phi(c)=2^{k-1}\cdot\phi(c)$ (3.4-17)

(3.4-18)

Therefore:

$\phi(2\cdot n)=2\cdot\phi(n)\ne\phi(n)$ (3.4-19)

if n is an even integer. ∎

Proposition 3.4-6:
If $a,b \in N$ and $a \mid b$, then $\phi(a) \mid \phi(b)$.

Proof:
The prime factorizations of a and b are:

$a=p_1^{\alpha_1}\cdot p_2^{\alpha_2}\cdots p_n^{\alpha_n}$ (3.4-20)

$b=p_1^{\beta_1}\cdot p_2^{\beta_2}\cdots p_m^{\beta_m}$ (3.4-21)

where $m \ge n$. All the prime factors $p_i$ of a are included with an exponent $\beta_i \ge \alpha_i$ in the prime factorization of b since $a \mid b$. From Proposition 3.4-2 we have:

$\phi(a)=a\cdot\left(1-\frac{1}{p_1}\right)\cdot\left(1-\frac{1}{p_2}\right)\cdots\left(1-\frac{1}{p_n}\right)$ (3.4-22)

$\phi(b)=b\cdot\left(1-\frac{1}{p_1}\right)\cdot\left(1-\frac{1}{p_2}\right)\cdots\left(1-\frac{1}{p_m}\right)$ (3.4-23)

Therefore we see that $\phi(a) \mid \phi(b)$ if $a \mid b$. ∎

If $a \in N$, then $\phi(a^2)=a\cdot\phi(a)$.

Proof:
The prime factorization of a is:

$a=p_1^{\alpha_1}\cdot p_2^{\alpha_2}\cdots p_k^{\alpha_k}$ (3.4-24)

(3.4-25)

We then have from Proposition 3.4-2:

(3.4-26)

or

(3.4-27)

Therefore using Proposition 3.4-2 again:

$\phi(a^2)=a\cdot\phi(a)$ (3.4-28)

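If m is a composite number, then $\phi(m)<m-1$.
Proof:
The prime factorization of m is:

$m=p_1^{\alpha_1}\cdot p_2^{\alpha_2}\cdots p_k^{\alpha_k}$ (3.4-29)

From Proposition 3.4-2, we have:

$\phi(m)=m\cdot\left(1-\frac{1}{p_1}\right)\cdot\left(1-\frac{1}{p_2}\right)\cdots\left(1-\frac{1}{p_k}\right)$ (3.4-30)

Since each bracketed term is less than 1, we can write:

$\phi(m)\le m\cdot\left(1-\frac{1}{p_1}\right)=m-\frac{m}{p_1}$ (3.4-31)

Since m is a composite number having two or more prime factors, we must have $\phi(m)<m-1$. ∎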


Example 3.4-6 
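Show that $\phi(3\cdot a)=3\cdot\phi(a)$ if and only if $\gcd(3,a)\ne 1$.

Solution:
If $\gcd(3,a)=1$, then we have:

$\phi(3\cdot a)=\phi(3)\cdot\phi(a)=2\cdot\phi(a)\ne 3\cdot\phi(a)$

If $\gcd(3,a)\ne 1$, we can let $a=3^k\cdot c$ where c is some positive integer such that $\gcd(3,c)=1$. Therefore:

$\phi(3\cdot a)=\phi(3\cdot 3^k\cdot c)=\phi(3^{k+1}\cdot c)$

Since $\gcd(3,c)=1$, we have:

$\phi(3\cdot a)=\phi(3^{k+1})\cdot\phi(c)=(3^{k+1}-3^k)\cdot\phi(c)$

or

$\phi(3\cdot a)=3\cdot(3^k-3^{k-1})\cdot\phi(c)=3\cdot\phi(3^k)\cdot\phi(c)=3\cdot\phi(3^k\cdot c)$

and so: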

$\phi(n)=n/2$ if and only if $n=2^k$.

Proof:

From Proposition 2.10-2 we have:

$\phi(p^k)=p^{k-1}\cdot(p-1)$ (3.4-32)

if and only if p is a prime number.
If $n=2^k$, then since 2 is prime, we have:

$\phi(n)=\phi(2^k)=\frac{2^k}{2}\cdot(2-1)=\frac{2^k}{2}=\frac{n}{2}$ (3.4-33)

Conversely, if $\phi(n)=n/2$ then since $\phi(n)$ is an integer, n must be an even integer. We can then let $n=2^k\cdot c$ where c is odd. Since $\gcd(2^k,c)=1$, $\phi(n)$ will be multiplicative and we can write:

(3.4-34)

or

$\phi(n)=\frac{n}{2}=\frac{2^k\cdot c}{2}=\frac{2^k}{2}\cdot\phi(c)$ (3.4-35)

Therefore we find that $c=\phi(c)$. Only for $c=1$ do we have $c=\phi(c)$ since $\phi(1)=1$ by definition. We can conclude then that $\phi(n)=n/2$ if and only if $n=2^k$. ∎


3.5 CONGRUENCE DEFINITION OF EVEN 
AND ODD INTEGERS 


With congruence theory, integers can be divided into two residue classes, even and odd, using a modulus of 2. Even integers a have a residue of 0 and can be defined by:

$a \equiv 0 \pmod{2}$ (3.5-1)

and odd integers a have a residue of 1 and can be defined by:

$a \equiv 1 \pmod{2}$ (3.5-2)

The residue class for even numbers includes:

$0 \bmod 2=\{\ldots,-8,-6,-4,-2,0,2,4,6,8,\ldots\}$ (3.5-3)

The residue class for odd numbers includes:

$1 \bmod 2=\{\ldots,-9,-7,-5,-3,-1,1,3,5,7,9,\ldots\}$ (3.5-4)


3.6 CONGRUENCE RELATIONS 


If $a+b \equiv c \pmod{m}$ and $b \equiv d \pmod{m}$, then we have $a+d \equiv c \pmod{m}$.
Proof:

From the definition of congruences and using the division algorithm, we have:

$a+b=k\cdot m+c$ (3.6-1)

$b=j\cdot m+d$ (3.6-2)

where k and j are integers. Using equation (3.6-2) to replace b in equation (3.6-1), we obtain:

$a+j\cdot m+d=k\cdot m+c$ (3.6-3)

or

$a+d=(k-j)\cdot m+c$ (3.6-4)

Therefore

$a+d \equiv c \pmod{m}$ (3.6-5)
∎


In congruence equations, any number can be replaced by 


any other number that is congruent to it for the given modulus. 


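If $a \equiv (b \pm k\cdot m) \pmod{m}$, then $a \equiv b \pmod{m}$.
Proof:
Since $a \equiv (b \pm k\cdot m) \pmod{m}$, we have:

$a-(b \pm k\cdot m)=j\cdot m$ (3.6-6)

or

$a-b=(j \pm k)\cdot m$ (3.6-7)

Therefore we obtain:

$a \equiv b \pmod{m}$ (3.6-8)

This result is to be expected since:

$k\cdot m \equiv 0 \pmod{m}$ (3.6-9)
∎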


If $a\cdot b \equiv c \pmod{m}$ and $b \equiv d \pmod{m}$, then $a\cdot d \equiv c \pmod{m}$.

Proof:
From the definition of congruences, we have:

$a\cdot b=k\cdot m+c$ (3.6-10)

$b=j\cdot m+d$ (3.6-11)

where k and j are integers. Using equation (3.6-11) to replace b in equation (3.6-10):

$a\cdot(j\cdot m+d)=k\cdot m+c$ (3.6-12)

or

$a\cdot d=(k-a\cdot j)\cdot m+c$ (3.6-13)

Therefore

$a\cdot d \equiv c \pmod{m}$ (3.6-14)
∎


Basic Congruence Operations


4.1 CONGRUENCE OPERATIONS 


Congruences can be added, subtracted, and multiplied 
just as though they were algebraic equations. Division of 


congruences is not always possible. 


4.1.1 ADDITION AND SUBTRACTION OF 
CONGRUENCES 
If $a_1,a_2,b_1,b_2 \in Z$ and $m \in N$, we have the following propositions:

Given the congruences $a_1 \equiv b_1 \pmod{m}$ and $a_2 \equiv b_2 \pmod{m}$, then we have $(a_1 \pm a_2) \equiv (b_1 \pm b_2) \pmod{m}$.

Proof:
Given two congruences:

$a_1 \equiv b_1 \pmod{m} \qquad a_2 \equiv b_2 \pmod{m}$ (4.1-1)

the equivalent algebraic equations are:

$a_1=k\cdot m+b_1 \qquad a_2=j\cdot m+b_2$ (4.1-2)

Adding or subtracting these equations, we obtain:

$(a_1 \pm a_2)=(k \pm j)\cdot m+(b_1 \pm b_2)$ (4.1-3)

and so the equivalent congruence equation is:

$(a_1 \pm a_2) \equiv (b_1 \pm b_2) \pmod{m}$ (4.1-4)


Given the congruence $a_i \equiv b_i \pmod{m}$ where $i=1,2,3,\ldots,n$, we have $\sum_{i=1}^{n} a_i \equiv \sum_{i=1}^{n} b_i \pmod{m}$.

Proof:
Follows from Proposition 4.1-1 using mathematical induction.


When two numbers are added, the possible remainders 


modulo m can be displayed in an operational table. The 


operational table for addition modulo 7 is shown in Table 4-1. 


Example 4.1-2 


Verify Proposition 4.1-3 for the congruence $7 \equiv 2 \pmod{5}$ and the integer 3.

Solution:

$7+3 \equiv 2+3 \pmod{5}$

or

$10 \equiv 5 \equiv 0 \pmod{5}$

which is a valid congruence. Note that in congruence theory it is possible to add two positive integers and obtain 0.


Table 4-1 Operational table for addition modulo 7. 


4.1.2 ADDITION OR SUBTRACTION OF AN INTEGER FROM CONGRUENCES

Given the congruence $a \equiv b \pmod{m}$, an integer c can be added to or subtracted from both sides of the congruence:

$a \pm c \equiv b \pm c \pmod{m}$

Proof:
Since $c \equiv c \pmod{m}$ from Proposition 3.1-3, the proof of this proposition follows from Proposition 4.1-1. ∎

4.1.3 MULTIPLICATION OF CONGRUENCES

If $a_1,a_2,b_1,b_2 \in Z$ and $m \in N$, we have:

Given the congruences $a_1 \equiv b_1 \pmod{m}$ and $a_2 \equiv b_2 \pmod{m}$, then we have: $a_1\cdot a_2 \equiv b_1\cdot b_2 \pmod{m}$.

Proof:
Given $a_1 \equiv b_1 \pmod{m}$ and $a_2 \equiv b_2 \pmod{m}$, we can write:

$a_1=k\cdot m+b_1 \qquad a_2=j\cdot m+b_2$ (4.1-5)

Therefore:

$a_1\cdot a_2=(k\cdot m+b_1)\cdot(j\cdot m+b_2)$ (4.1-6)

or

$a_1\cdot a_2=(b_1\cdot j+b_2\cdot k+j\cdot k\cdot m)\cdot m+b_1\cdot b_2$ (4.1-7)

and so:

$a_1\cdot a_2 \equiv b_1\cdot b_2 \pmod{m}$ (4.1-8)
∎

Example 4.1-3
Verify Proposition 4.1-4 for the congruences $11 \equiv 6 \pmod{5}$ and $7 \equiv 2 \pmod{5}$.

Solution:

Multiplying the congruences, we have

$11\cdot 7 \equiv 6\cdot 2 \pmod{5}$

or

$77 \equiv 12 \pmod{5}$

which is a valid congruence since $(77-12)/5=65/5=13$.

Example 4.1-4

Show that 23 is a factor of $2^{11}-1$.

Solution:

We can write:

$2^5=32 \equiv 9 \pmod{23}$
$2^6=64 \equiv 18 \pmod{23}$
$2^5\cdot 2^6=2^{11} \equiv 18\cdot 9=162 \equiv 1 \pmod{23}$

Therefore:

$23 \mid (2^{11}-1)$

and so 23 is a factor of $2^{11}-1$.

When two numbers are multiplied, the possible remainders modulo m can be displayed in an operational table. The operational table for multiplication modulo 7 is shown in Table 4-2.

Table 4-2. Operational table for multiplication modulo 7.


Note in Table 4-2 that any nonzero row is simply a 
permutation of any other nonzero row. This will always be true 


for a prime modulus. 


4.1.4 MULTIPLICATION OF CONGRUENCES BY AN 
INTEGER 


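If $a \equiv b \pmod{m}$ then $a\cdot c \equiv b\cdot c \pmod{m}$.

Proof:

Since $c \equiv c \pmod{m}$ the proof of this proposition follows from Proposition 4.1-4. ∎

If $c \in N$, then $a \equiv b \pmod{m}$ if and only if $a\cdot c \equiv b\cdot c \pmod{m\cdot c}$.
Proof:

We will have $m \mid (a-b)$ if and only if $m\cdot c \mid (a-b)\cdot c$ or $m\cdot c \mid (a\cdot c-b\cdot c)$. Therefore we will have:

$a \equiv b \pmod{m}$ (4.1-9)

if and only if:

$a\cdot c \equiv b\cdot c \pmod{m\cdot c}$ (4.1-10)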


4.1.5 DIVISION OF CONGRUENCES 
Proposition 4.1-5 would seem to imply that cancellation of any common factor c appearing on both sides of a congruence is always a valid operation. This is not true, however. A case where such cancellation is not valid is given in Example 4.1-5.

Only under certain conditions as described by the following propositions is division of a congruence allowed.


If $a \equiv b \pmod{m}$ and $c \mid m$, then $a \equiv b \pmod{c}$.
Proof:

We are given:

$m \mid (a-b) \qquad c \mid m$ (4.1-11)

and so $a-b=k\cdot m$ and $m=j\cdot c$ where k and j are some integers. We then have $a-b=k\cdot j\cdot c$. Therefore:

$c \mid (a-b)$ (4.1-12)

and we have:

$a \equiv b \pmod{c}$ (4.1-13)


If $a\cdot c \equiv b\cdot c \pmod{m}$ and $d=\gcd(c,m)$ then $a \equiv b \pmod{m/d}$.

Proof:

If $a\cdot c \equiv b\cdot c \pmod{m}$ we then have:

$a\cdot c-b\cdot c=k\cdot m$ (4.1-14)

or

$(a-b)\cdot c=k\cdot m$ (4.1-15)

Dividing by d:

$(a-b)\cdot\frac{c}{d}=k\cdot\frac{m}{d}$ (4.1-16)

Given that $d=\gcd(c,m)$, from Proposition 2.1-10 we have:

$\gcd\left(\frac{c}{d},\frac{m}{d}\right)=1$ (4.1-17)

and so, in equation (4.1-16), m/d must be a factor of $a-b$ and not c/d (see Proposition 2.3-2). Therefore we have:

$a \equiv b \pmod{m/d}$ (4.1-18)

and c has effectively been cancelled from $a\cdot c \equiv b\cdot c \pmod{m}$ by changing m to $m/\gcd(c,m)$. Note that if $d \ne \gcd(c,m)$, then it is not necessarily true that m/d is a factor of $a-b$ in equation (4.1-16), in which case equation (4.1-18) would not be true. ∎


Solution:

The greatest common factor in $33 \equiv 6 \pmod{9}$ is 3:

$11\cdot 3 \equiv 2\cdot 3 \pmod{9}$

Since $\gcd(3,9)=3$, the factor 3 can be cancelled according to Proposition 4.1-8:

$11 \equiv 2 \pmod{3}$

which is a valid congruence.

Example 4.1-8
Can a common factor be cancelled from the congruence: $22 \equiv 14 \pmod{8}$?

Solution:
The greatest common factor in $22 \equiv 14 \pmod{8}$ is 2:

$11\cdot 2 \equiv 7\cdot 2 \pmod{8}$

Since $\gcd(2,8)=2$, the factor 2 can be cancelled according to Proposition 4.1-8:

$11 \equiv 7 \pmod{4}$

which is a valid congruence.

Proposition 4.1-9:

If $a\cdot c \equiv b\cdot d \pmod{m}$ and $\gcd(c,m)=1$, then $a \equiv b \pmod{m}$.

Proof:

We are given:

$a\cdot c \equiv b\cdot d \pmod{m}$ (4.1-19)

Adding and subtracting $b\cdot c$, we have:

$a\cdot c-b\cdot c+b\cdot c-b\cdot d \equiv 0 \pmod{m}$ (4.1-20)

or

$(a-b)\cdot c+b\cdot(c-d) \equiv 0 \pmod{m}$ (4.1-21)

and so $m \mid (a-b)\cdot c$. Since $\gcd(c,m)=1$, this means we must have $m \mid (a-b)$. Therefore:

$a \equiv b \pmod{m}$ (4.1-22)

Proposition 4.1-10:
If $a \equiv b \pmod{m}$, $d \mid a$, $d \mid b$, and $d \mid m$, then:

$\frac{a}{d} \equiv \frac{b}{d} \pmod{\frac{m}{d}}$

Proof:
Since $a \equiv b \pmod{m}$, we have:

$a-b=k\cdot m$ (4.1-23)

Since $d \mid a$, $d \mid b$, and $d \mid m$, we can then write:

$\frac{a}{d}-\frac{b}{d}=k\cdot\frac{m}{d}$ (4.1-24)

(4.1-25)


If and only if $m_1,m_2,\ldots,m_n \in N$ and $a \equiv b \pmod{m_i}$ for $i=1,2,3,\ldots,n$, does $a \equiv b \pmod{\mathrm{lcm}(m_1,m_2,\ldots,m_n)}$.

Proof:

If $a \equiv b \pmod{m_i}$ for $i=1,2,3,\ldots,n$, then $(a-b)$ is a common multiple of $m_i$ for $i=1,2,3,\ldots,n$. Therefore $(a-b)$ must be divisible by the least common multiple of $m_i$ for $i=1,2,3,\ldots,n$ as required by the definition of lcm (see Section 2.8). We then have $a \equiv b \pmod{\mathrm{lcm}(m_1,m_2,\ldots,m_n)}$.

Conversely, if $a \equiv b \pmod{\mathrm{lcm}(m_1,m_2,\ldots,m_n)}$ we have $\mathrm{lcm}(m_1,m_2,\ldots,m_n) \mid (a-b)$. Since $m_i \mid \mathrm{lcm}(m_1,m_2,\ldots,m_n)$ by definition of lcm, we also have $m_i \mid (a-b)$ for $i=1,2,3,\ldots,n$. We then must have $a \equiv b \pmod{m_i}$ for $i=1,2,3,\ldots,n$. ∎


If and only if $m_1,m_2,m_3,\ldots,m_n$ are pairwise relatively prime and if $a \equiv b \pmod{m_i}$ for $i=1,2,3,\ldots,n$ does $a \equiv b \pmod{m_1\cdot m_2\cdot m_3\cdots m_n}$.

Proof:

Follows from Propositions 4.1-11 and 2.8-4. ∎


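If $a \equiv b \pmod{m\cdot n}$ where $m,n \in N$, then $a \equiv b \pmod{m}$ and $a \equiv b \pmod{n}$.

Proof:
We are given $a \equiv b \pmod{m\cdot n}$. Therefore $m\cdot n \mid (a-b)$, and so $m \mid (a-b)$ and $n \mid (a-b)$. We then have $a \equiv b \pmod{m}$ and $a \equiv b \pmod{n}$. ∎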


If $a \equiv b \pmod{m}$ where m has the prime factorization $m=p_1^{\alpha_1}\cdot p_2^{\alpha_2}\cdot p_3^{\alpha_3}\cdots p_n^{\alpha_n}$ then $a \equiv b \pmod{p_i^{\alpha_i}}$ for $i=1,2,3,\ldots,n$.

Proof:

Follows from Proposition 4.1-13. ∎


The prime factorization of 1400 is:

$1400=2^3\cdot 5^2\cdot 7$

Using Proposition 4.1-14, we can write:

$4700 \equiv 500 \pmod{2^3}$
$4700 \equiv 500 \pmod{5^2}$
$4700 \equiv 500 \pmod{7}$

4.1.6 MULTIPLICATIVE INVERSE OF AN INTEGER MODULO m

If an integer $a^{-1}$ exists such that $a\cdot a^{-1} \equiv 1 \pmod{m}$, the integer $a^{-1}$ is designated as the multiplicative inverse of a modulo m or as the reciprocal of a modulo m (see Table 4-3). Since $a^{-1}$ is by definition an integer, in congruence theory the notation $a^{-1}$ does not mean 1/a. To be unique, $a^{-1}$ must satisfy $0<a^{-1}<m$, and a and m must be relatively prime for $a^{-1}$ to exist (see Proposition 4.1-15).

Example 4.1-10

Find the multiplicative inverse of 2 modulo 5.

Solution:

$2\cdot 3 \equiv 1 \pmod{5}$

and so the multiplicative inverse of 2 modulo 5 is 3 as given in Table 4-3.

Proposition 4.1-15:

If and only if $\gcd(a,m)=1$, does there exist a unique integer $a^{-1}$ such that:

$a\cdot a^{-1} \equiv 1 \pmod{m} \qquad 0<a^{-1}<m$ (4.1-26)

Proof:


If $\gcd(a,m)=1$, then from Bézout's identity (Proposition 2.1-11), we have:

$a\cdot x+m\cdot y=\gcd(a,m)=1$ (4.1-27)

or

$a\cdot x-1=(-y)\cdot m$ (4.1-28)

Therefore $m \mid (a\cdot x-1)$ and so we have:

$a\cdot x \equiv 1 \pmod{m}$ (4.1-29)

A solution x to this equation, where $0<x<m$, is written $x=a^{-1} \bmod m$. We then have:

$a\cdot a^{-1} \equiv 1 \pmod{m}$ (4.1-30)

Conversely, if

$a\cdot a^{-1} \equiv 1 \pmod{m}$ (4.1-31)

then this is equivalent to:

$a\cdot a^{-1}-1=y\cdot m$ (4.1-32)

where $y \in Z$. Therefore we have:

$a\cdot a^{-1}+m\cdot(-y)=1$ (4.1-33)

From Bézout's identity, we then obtain:

$\gcd(a,m)=1$ (4.1-34)

The uniqueness of the solution $x=a^{-1} \bmod m$ can be shown by letting:

$a\cdot b \equiv 1 \pmod{m}$ (4.1-35)

where $0<b<m$, and showing that b must equal $a^{-1}$. We have from equations (4.1-35) and (4.1-30):

$a\cdot b \equiv a\cdot a^{-1} \pmod{m}$ (4.1-36)

Multiplying by b:

$a\cdot b\cdot b \equiv a\cdot b\cdot a^{-1} \pmod{m}$ (4.1-37)

Using equation (4.1-35):

$b \equiv a^{-1} \pmod{m}$ (4.1-38)

where $0<b,a^{-1}<m$. Therefore $b=a^{-1}$. ∎


The multiplicative inverse of an integer a modulo m can be determined by using the Euclidean algorithm (Proposition 2.5-1) to find $\gcd(a,m)$, and then computing backwards to obtain x and y. This follows from equation (4.1-35) which is equivalent to $a\cdot x \equiv 1 \pmod{m}$, and so $x=a^{-1}$.


The number of least residues modulo m for which there exists a multiplicative inverse is given by Euler's phi function $\phi(m)$.

Proof:

Since we must have $\gcd(a,m)=1$ for a multiplicative inverse modulo m to exist (see Proposition 4.1-15), the number of integers $1 \le a<m$ for which a multiplicative inverse modulo m exists is given by Euler's phi function $\phi(m)$. ∎


Example 4.1-11 


Find the multiplicative inverse of 7 modulo 41. 


Solution: 
We have:

$7\cdot x \equiv 1 \pmod{41}$

where $\gcd(7,41)=1$. We are looking for $x=7^{-1}$. We must have:

$7\cdot 7^{-1}=42 \equiv 1 \pmod{41}$

Therefore we must have $7^{-1}=6$.


Example 4.1-12 


Find the multiplicative inverse of 75 modulo 16.

Solution:

We have:

$75\cdot x \equiv 1 \pmod{16}$

where $\gcd(16,75)=1$. We are looking for $x=75^{-1}$. We have from Bézout's identity:

$75\cdot x+16\cdot y=\gcd(16,75)=1$

To find x, we can use the Euclidean algorithm:

$a=q\cdot m+r$
$75=4\cdot 16+11 \quad\Rightarrow\quad \gcd(75,16)=\gcd(16,11)$
$16=1\cdot 11+5 \quad\Rightarrow\quad \gcd(16,11)=\gcd(11,5)$
$11=2\cdot 5+1 \quad\Rightarrow\quad \gcd(11,5)=\gcd(5,1)$
$5=5\cdot 1+0 \quad\Rightarrow\quad \gcd(5,1)=\gcd(1,0)=1$

Computing the Euclidean algorithm backwards, we obtain:

$1=11-2\cdot 5=11-2\cdot(16-1\cdot 11)=3\cdot 11-2\cdot 16$
$1=3\cdot(75-4\cdot 16)-2\cdot 16=75\cdot 3-16\cdot 14=75\cdot x+16\cdot y$

Therefore $x=3=75^{-1}$ and we have:

$75\cdot 3 \equiv 1 \pmod{16}$

and so 3 is the multiplicative inverse of 75 modulo 16.
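
The back-substitution of Example 4.1-12 can be carried along with the forward Euclidean steps instead of being done afterwards. The Python below is an added example, not taken from the book; its function names are hypothetical. It returns the Bézout coefficients x and y, reduces x to the unique inverse in $0<a^{-1}<m$, and rejects inputs with $\gcd(a,m)\ne 1$, for which Proposition 4.1-15 says no inverse exists.

```python
def extended_gcd(a, m):
    """Return (g, x, y) with a*x + m*y == g == gcd(a, m) (Bezout's identity).

    Each loop pass is one Euclidean division old_r = q*r + remainder; the
    coefficient pairs are updated in step, so no backward pass is needed.
    """
    old_r, r = a, m
    old_x, x = 1, 0
    old_y, y = 0, 1
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_x, x = x, old_x - q * x
        old_y, y = y, old_y - q * y
    return old_r, old_x, old_y


def mod_inverse(a, m):
    """Return the unique a^-1 with 0 < a^-1 < m, or raise if gcd(a, m) != 1."""
    if m < 2:
        raise ValueError("modulus must be at least 2")
    g, x, _ = extended_gcd(a % m, m)
    if g != 1:
        raise ValueError(f"{a} has no inverse modulo {m}: gcd is {g}")
    return x % m  # x may be negative; reduce to the least positive residue


def invertible_residues(m):
    """Least residues 1 <= a < m that have a multiplicative inverse modulo m."""
    found = []
    for a in range(1, m):
        try:
            mod_inverse(a, m)
        except ValueError:
            continue
        found.append(a)
    return found


if __name__ == "__main__":
    print("Bezout for (75, 16):", extended_gcd(75, 16))    # 75*3 + 16*(-14) = 1
    for a, m in [(2, 5), (7, 41), (75, 16)]:
        inv = mod_inverse(a, m)
        print(f"{a}^-1 mod {m} = {inv}  check: {a}*{inv} mod {m} = {a * inv % m}")
    print("invertible residues mod 12:", invertible_residues(12))
    try:
        mod_inverse(6, 9)
    except ValueError as exc:
        print("rejected:", exc)
```
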


Example 4.1-13 
If p is a prime number and $a\cdot b \equiv 0 \pmod{p}$, show that $a \equiv 0 \pmod{p}$ or $b \equiv 0 \pmod{p}$ using the multiplicative inverse of a.


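If $\gcd(a,m)=1$ and $\gcd(b,m)=1$, then:

$(a\cdot b)^{-1} \equiv a^{-1}\cdot b^{-1} \pmod{m}$

Proof:
From the definition of the multiplicative inverse, we have:

$(a\cdot b)\cdot(a\cdot b)^{-1} \equiv 1 \pmod{m}$ (4.1-39)

Since $\gcd(a,m)=1$ and $\gcd(b,m)=1$, from Proposition 4.1-15 we know that $a^{-1}$ and $b^{-1}$ exist. Multiplying by $a^{-1}\cdot b^{-1}$:

$(a\cdot b)\cdot(a\cdot b)^{-1}\cdot a^{-1}\cdot b^{-1} \equiv a^{-1}\cdot b^{-1} \pmod{m}$ (4.1-40)

or

$(a\cdot a^{-1})\cdot(b\cdot b^{-1})\cdot(a\cdot b)^{-1} \equiv a^{-1}\cdot b^{-1} \pmod{m}$ (4.1-41)

and so from the definition of the multiplicative inverse:

$(1)\cdot(1)\cdot(a\cdot b)^{-1} \equiv a^{-1}\cdot b^{-1} \pmod{m}$ (4.1-42)

Therefore:

$(a\cdot b)^{-1} \equiv a^{-1}\cdot b^{-1} \pmod{m}$ (4.1-43)
∎
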
If p is a prime and $\gcd(a,p)=1$, then $a \in N$ is its own inverse modulo p if and only if $a \equiv 1 \pmod{p}$ or $a \equiv (p-1) \pmod{p}$.
Proof:
We are given $\gcd(a,p)=1$. From Proposition 4.1-15 we know that there then exists a multiplicative inverse $a^{-1}$ to the integer a such that:

$a\cdot a^{-1} \equiv 1 \pmod{p}$ (4.1-44)

If $a=a^{-1}$, equation (4.1-44) becomes:

$a\cdot a=a^2 \equiv 1 \pmod{p}$ (4.1-45)

or

$(a^2-1)=(a+1)\cdot(a-1) \equiv 0 \pmod{p}$ (4.1-46)

and so $p \mid (a+1)\cdot(a-1)$. From Euclid's lemma (Proposition 2.4-1) we must have either $p \mid (a+1)$ or $p \mid (a-1)$.

If $p \mid (a+1)$, we have by adding $p \equiv 0 \pmod{p}$:

$a \equiv -1 \equiv p-1 \pmod{p}$ (4.1-47)

If $p \mid (a-1)$, we have:

$a \equiv 1 \pmod{p}$ (4.1-48)

Conversely, if $a \equiv \pm 1 \pmod{p}$, then $a^2 \equiv 1 \pmod{p}$ and we have $a\cdot a \equiv 1 \pmod{p}$. Therefore $a=a^{-1}$.

We can conclude that $a=a^{-1}$ if and only if $a=1$ or $a=p-1$ modulo p, and so 1 and $p-1$ are both their own multiplicative inverses modulo p. ∎


m is a prime number if and only if $(m-1)! \equiv -1 \pmod{m}$.

Proof:
If $m=2$ (an even prime), we see that $(2-1)! \equiv -1 \pmod{2}$ is obviously true.

If $m=p$ where p is an odd prime, then from Proposition 4.1-15 we have:

$a\cdot a^{-1} \equiv 1 \pmod{p}$ (4.1-49)

for all values of a in the range $1 \le a \le p-1$, since for these values of a we have $\gcd(a,p)=1$. Consequently, for each of these values of a there exists a unique value of $a^{-1}$ in the range $1 \le a^{-1} \le p-1$.

From Proposition 4.1-18 we know that only 1 and $p-1$ are their own multiplicative inverses. Therefore each a in the range $2 \le a \le p-2$ must have another a in the same range that is its multiplicative inverse. For values of a in the range $2 \le a \le p-2$ there must then exist $(p-3)/2$ pairs $\{a_i,a_i^{-1}\}$ such that for each pair we have $a_i\cdot a_i^{-1} \equiv 1 \pmod{p}$. The product of all a values from 2 to $p-2$ then gives:

$2\cdot 3\cdots(p-2) \equiv 1 \pmod{p}$ (4.1-50)

and so multiplying by $p-1$:

$2\cdot 3\cdots(p-2)\cdot(p-1) \equiv (p-1) \pmod{p}$ (4.1-51)

or

$(p-1)! \equiv -1 \pmod{p}$ (4.1-52)

Conversely, if we have:

$(m-1)! \equiv -1 \pmod{m}$ (4.1-53)

then if m is a composite number, it can be factored with the factors being smaller than $m-1$. Therefore if $m>4$, the factors of m must occur in $(m-1)!$, and so instead of equation (4.1-53) we have:

$(m-1)! \equiv 0 \pmod{m}$ (4.1-54)

Therefore, for equation (4.1-53) to be valid, m cannot be a composite number and so must be a prime number. ∎


Proposition 4.1-19 was reported by (and is named for) 
John Wilson, and was published by his former professor 
Edward Waring in 1770. Waring noted that neither he nor 
Wilson were able to prove the theorem. Leibniz knew of the 
theorem as early as 1682, but also was unable to prove it. 
Shortly after the theorem was published by Waring, Lagrange 
(1771) provided a proof. 

Any positive integer m that is a prime number will satisfy $(m-1)! \equiv -1 \pmod{m}$. Conversely, if a positive integer satisfies this equation, it must be a prime number. While Wilson's theorem is then, theoretically, a test for primality, in practice $(m-1)!$ becomes very large very fast as m increases, making this theorem of limited use as a primality test (see Table 4-4).


Table 4-4 Examples of Wilson's theorem for 2<m<20.
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Example 4.1-14 


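Verify Wilson’s theorem for p=11 using the proof given in
Proposition 4.1-19.

Solution:

For p=11 we have the following pairs of a and $a^{-1}$ in the set
$\{1, 2, 3, 4, 5, 6, 7, 8, 9, 10\}$:
$2 \cdot 6 = 12 \equiv 1 \pmod{11}$
$3 \cdot 4 = 12 \equiv 1 \pmod{11}$
$5 \cdot 9 = 45 \equiv 1 \pmod{11}$
$7 \cdot 8 = 56 \equiv 1 \pmod{11}$

$(2 \cdot 6) \cdot (3 \cdot 4) \cdot (5 \cdot 9) \cdot (7 \cdot 8) \equiv 1^4 \equiv 1 \pmod{11}$
or
$2 \cdot 3 \cdot 4 \cdot 5 \cdot 6 \cdot 7 \cdot 8 \cdot 9 \equiv 1 \pmod{11}$
Multiplying by $p-1=10$:
$2 \cdot 3 \cdot 4 \cdot 5 \cdot 6 \cdot 7 \cdot 8 \cdot 9 \cdot 10 \equiv 10 \pmod{11}$
or
$10! \equiv 10 \pmod{11}$
and so:

$(11-1)! \equiv -1 \pmod{11}$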


If $a \cdot b \equiv 1 \pmod{m}$, then $\gcd(a,m)=1$ and $\gcd(b,m)=1$.

Proof:
If $a \cdot b \equiv 1 \pmod{m}$ then $m \mid (a \cdot b - 1)$ and so $a \cdot b - 1 = k \cdot m$.
Therefore:

$a \cdot b + m \cdot (-k) = 1$ (4.1-55)

From Bézout’s identity (Proposition 2.1-11), we see that
equation (4.1-55) is equivalent to both:

$\gcd(a,m)=1$ and $\gcd(b,m)=1$ (4.1-56)

In the congruence $a \cdot b \equiv 1 \pmod{m}$, we can consider either
b to equal $a^{-1}$ or a to equal $b^{-1}$. ■


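If p is an odd prime number and $\gcd(a,p)=1$, then
$a^{-1} \equiv b^{-1} \pmod{p}$ if and only if $a \equiv b \pmod{p}$.
Proof:
If we have:
$a \equiv b \pmod{p}$ (4.1-57)

Multiplying by $a^{-1} \cdot b^{-1}$:

$a \cdot a^{-1} \cdot b^{-1} \equiv a^{-1} \cdot b \cdot b^{-1} \pmod{p}$ (4.1-58)

and so, using the symmetry property of congruences given in
Proposition 3.1-3:

$b^{-1} \equiv a^{-1} \pmod{p}$ or $a^{-1} \equiv b^{-1} \pmod{p}$ (4.1-59)

Conversely, if we have:

$a^{-1} \equiv b^{-1} \pmod{p}$ (4.1-60)
Multiplying by $a \cdot b$:

$a \cdot a^{-1} \cdot b \equiv a \cdot b \cdot b^{-1} \pmod{p}$ (4.1-61)
and so:

$b \equiv a \pmod{p}$ or $a \equiv b \pmod{p}$ (4.1-62)
■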


4.1.7 CONGRUENCE OF INTEGER POWERS 


Raising an integer to an integer power is simply repeated 
multiplication. Therefore congruence operations can be 


expected to apply to integer powers. 


If $a \equiv b \pmod{m}$, then $a^n \equiv b^n \pmod{m}$ for $n \in N$.

Proof:

Since
$a \equiv b \pmod{m}$ (4.1-63)
we have:

$m \mid (a-b)$ (4.1-64)
We know that:

$a^n - b^n = (a-b) \cdot (a^{n-1} + a^{n-2} \cdot b + \cdots + a \cdot b^{n-2} + b^{n-1})$ (4.1-65)

and so:

$(a-b) \mid (a^n - b^n)$ (4.1-66)
Since $m \mid (a-b)$, we then have:

$m \mid (a^n - b^n)$ (4.1-67)
Therefore:

$a^n \equiv b^n \pmod{m}$ (4.1-68)

From the above proof we can see that if we have
$a^n \equiv b^n \pmod{m}$, it is not necessarily true that $a \equiv b \pmod{m}$.
Although we will have $(a-b) \mid (a^n - b^n)$ and $m \mid (a^n - b^n)$, it does
not follow that $m \mid (a-b)$.


Solution: 

We can write: 
89 = 1(mod11) 

Therefore from Proposition 4.1-22: 
89” =1"" =1(mod11) 


and so the least residue of 89” modulo 11 is 1. 


Example 4.1-16 


Determine the least residue of $83^{10}$ modulo 19.

Solution:

We can write:
$83 \equiv 7 \pmod{19}$

Therefore from Proposition 4.1-22:
$83^3 \equiv 7^3 = 343 \equiv 1 \pmod{19}$

$83^{10} = (83^3)^3 \cdot 83 \equiv 1^3 \cdot 83 \equiv 7 \pmod{19}$

and so the least residue of $83^{10}$ modulo 19 is 7.


Example 4.1-17 


Determine the least residue of $3^{30}$ modulo 13.

Solution:

We can write:
$3^3 = 27 \equiv 1 \pmod{13}$

Therefore from Proposition 4.1-22:
$(3^3)^{10} = 3^{30} \equiv 1 \pmod{13}$

and so the least residue of $3^{30}$ modulo 13 is 1.


Example 4.1-18 
Determine the least residue of 2!” modulo 3. 


Solution: 

We can write: 
2° =1(mod3) 
2° = 2(mod3) 

Therefore from Proposition 4.1-22: 
(2?)° =1'°(mod3) 


or 


and 
(2°)° = 2! =1° =1(mod3) 


Therefore 


21° 62° =2'” =1+2(mod3) =2(mod3) 


and so the least residue of 2!” modulo 3 is 2. 


Example 4.1-19 
Show that 6 is a factor of 99996. 


Solution: 
We can write: 
$99996 = 10^5 - 4$
$10 \equiv 4 \pmod{6}$
$10^2 \equiv 4^2 = 16 \equiv 4 \pmod{6}$
$10^4 \equiv 4^2 = 16 \equiv 4 \pmod{6}$

$10^4 \cdot 10 = 10^5 \equiv 4 \cdot 4 = 16 \equiv 4 \pmod{6}$

Therefore $6 \mid (10^5 - 4)$ and so 6 is a factor of 99996.


Example 4.1-20 


Show that 641 is a factor of $2^{2^5}+1$.

Solution:
We can write:

$2^{2^4} = 2^{16} = (2^8)^2 = 256^2 = 65536 \equiv 154 \pmod{641}$

$2^{2^5} = 2^{32} = (2^{16})^2 \equiv 154^2 = 23716 \equiv 640 \pmod{641}$

$2^{2^5} \equiv -1 \pmod{641}$
Therefore:
$641 \mid (2^{2^5}+1)$

and so 641 is a factor of $2^{2^5}+1$. The number $F_5 = 2^{2^5}+1$ is the
sixth of a sequence of numbers known as Fermat numbers.
The first five Fermat numbers 3, 5, 17, 257, and 65537 are all
prime. Fermat thought that all numbers having the form
$F_n = 2^{2^n}+1$ might be prime, but this is obviously not the case.
The sixth Fermat number is composite, as are all following
Fermat numbers determined to date.


Example 4.1-21 


Determine the remainder when 6” is divided by 17. Use the 


following complete residue systems: 


{0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16}


{—8,-7,-6,-5,-4,-3,-2,-1,0,1,2,3,4,5,6,7,8} 


Solution: 


Using the complete residue system: 
{0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16}


and so the remainder is 1. 


Using the complete residue system: 
{-8,-7,-6,-5,—-4,-3,-2,-1,0,1,2,3,4,5,6,7,8} 


we have: 


$6^3 = 216 \equiv 12 \equiv -5 \pmod{17}$


and so the remainder is 1. This example shows that the 
complete residue system chosen can result in a simplification 


of the computations for some problems. 


A polynomial $P(x) = \sum c_k \cdot x^k$ with coefficients $c_k \in Z$
is called an integral polynomial.

Proposition 4.1-23 (Gauss, 1801, Article 9):
Let
$P(x) = \sum_{k=0}^{n} c_k \cdot x^k$ (4.1-69)

be a polynomial function of x with $c_k \in Z$. If $a \equiv b \pmod{m}$,
then we have $P(a) \equiv P(b) \pmod{m}$.

Proof:

We have from Proposition 4.1-22:

$a^k \equiv b^k \pmod{m}$ (4.1-70)
and from Proposition 4.1-4 since $c_k \equiv c_k \pmod{m}$:

$c_k \cdot a^k \equiv c_k \cdot b^k \pmod{m}$ (4.1-71)
Summing equation (4.1-71) for k=0 to n, we have:

$\sum_{k=0}^{n} c_k \cdot a^k \equiv \sum_{k=0}^{n} c_k \cdot b^k \pmod{m}$ (4.1-72)
or

$P(a) \equiv P(b) \pmod{m}$ (4.1-73)

and so for any integral polynomial P(x), if a and b are
congruent, then P(a) and P(b) will also be congruent. ■


Example 4.1-22 


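Let $P(x) = 3 \cdot x^3 - 2 \cdot x - 5$. Given the congruence $11 \equiv 6 \pmod{5}$,
show that $P(11) \equiv P(6) \pmod{5}$.

Solution:
$P(11) = 3 \cdot 11^3 - 2 \cdot 11 - 5 = 3966$
$P(6) = 3 \cdot 6^3 - 2 \cdot 6 - 5 = 631$

We then have:

$3966 \equiv 631 \pmod{5}$

since
$\frac{3966 - 631}{5} = \frac{3335}{5} = 667$
Therefore:

$P(11) \equiv P(6) \pmod{5}$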


If P(x) is a polynomial function of x with integral coefficients,
and if $P(a) \equiv 0 \pmod{m}$, then we must have $P(b) \equiv 0 \pmod{m}$ if
$a \equiv b \pmod{m}$.

Proof:

Follows from Proposition 4.1-23. ■

Any positive integer can be represented as a polynomial
function of 10 having unique integral coefficients $c_i$:
$n = c_k \cdot 10^k + c_{k-1} \cdot 10^{k-1} + c_{k-2} \cdot 10^{k-2} + \cdots + c_1 \cdot 10 + c_0$ (4.1-74)

where $c_i$ satisfies $0 \le c_i < 10$. Equation (4.1-74) can be verified by
repeated application of the division algorithm using a divisor
of 10.


Example 4.1-23 
Give the base 10 expansion of 36984. 


Solution: 


$36984 = 3 \cdot 10^4 + 6 \cdot 10^3 + 9 \cdot 10^2 + 8 \cdot 10 + 4$


A number n is divisible by 3 if and only if the sum of its digits
is divisible by 3.
Proof:
We have n = P(10). We can write:
$10 \equiv 1 \pmod{3}$ (4.1-75)

From Proposition 4.1-23 we then have:

(4.1-76)

Therefore:
$n = c_k \cdot 10^k + c_{k-1} \cdot 10^{k-1} + c_{k-2} \cdot 10^{k-2} + \cdots + c_1 \cdot 10 + c_0$
$\equiv [c_k + c_{k-1} + c_{k-2} + \cdots + c_1 + c_0] \pmod{3}$ (4.1-77)
or

$n \equiv [c_k + c_{k-1} + c_{k-2} + \cdots + c_1 + c_0] \pmod{3}$ (4.1-78)

We then have:

$n \equiv \sum_{i=0}^{k} c_i \pmod{3}$ (4.1-79)

and so we must have:

$3 \mid \sum_{i=0}^{k} c_i$ (4.1-80)

if a number n is divisible by 3. ■

Example 4.1-24
Determine if 36984 is divisible by 3.

Solution:

Writing n = 36984 in the form:

$n = c_k \cdot 10^k + c_{k-1} \cdot 10^{k-1} + c_{k-2} \cdot 10^{k-2} + \cdots + c_1 \cdot 10 + c_0$

we have:

$\sum_{i=0}^{k} c_i = 3+6+9+8+4 = 30$
and

$3 \mid 30$
Therefore 36984 is divisible by 3:

$\frac{36984}{3} = 12328$


A number n is divisible by 9 if and only if the sum of its digits
is divisible by 9.

Proof:
We have n = P(10). We can write:

$10 \equiv 1 \pmod{9}$ (4.1-81)

Using the same argument as that used for Proposition 4.1-25,
we obtain:

$n \equiv \sum_{i=0}^{k} c_i \pmod{9}$ (4.1-82)

and so we must have:

$9 \mid \sum_{i=0}^{k} c_i$ (4.1-83)

if a number n is divisible by 9. ■


A number n is divisible by 11 if and only if the alternating sum
of its digits is divisible by 11:

$11 \mid \sum_{i=0}^{k} (-1)^i \cdot c_i$

Proof:
We have n = P(10). We can write:
$10 \equiv -1 \pmod{11}$ (4.1-84)
Multiplying this congruence by itself:
$10^2 \equiv 1 \pmod{11}$ (4.1-85)
Continuing to multiply by this congruence:
$10^3 \equiv -1 \pmod{11}$ (4.1-86)
$10^i \equiv (-1)^i \pmod{11}$ (4.1-87)

Therefore:

$n = c_k \cdot 10^k + c_{k-1} \cdot 10^{k-1} + c_{k-2} \cdot 10^{k-2} + \cdots + c_1 \cdot 10 + c_0$
$\equiv c_k \cdot (-1)^k + c_{k-1} \cdot (-1)^{k-1} + \cdots + c_1 \cdot (-1) + c_0 \pmod{11}$ (4.1-88)
or
$n \equiv c_k \cdot (-1)^k + c_{k-1} \cdot (-1)^{k-1} + \cdots + c_1 \cdot (-1) + c_0 \pmod{11}$ (4.1-89)

Therefore:

$n \equiv \sum_{i=0}^{k} (-1)^i \cdot c_i \pmod{11}$ (4.1-90)

and so we must have:

$11 \mid \sum_{i=0}^{k} (-1)^i \cdot c_i$ (4.1-91)

if a number n is divisible by 11. ■


If a is an odd integer, then $a^{2k} \equiv 1 \pmod{8}$ where $k \in N$.

Proof:
Since a is odd, we can write:
$a = 2 \cdot j + 1$ (4.1-92)
where j is some integer. Therefore:
$a^2 = 4 \cdot j^2 + 4 \cdot j + 1 = 4 \cdot j \cdot (j+1) + 1$ (4.1-93)

Since either j or j+1 must be even, we can factor out 2 from
the product $j \cdot (j+1)$:

$j \cdot (j+1) = 2 \cdot c$ (4.1-94)
and so:

$a^2 = 8 \cdot c + 1$ (4.1-95)
or

$a^2 - 1 = 8 \cdot c$ (4.1-96)
Therefore:

$a^2 \equiv 1 \pmod{8}$ (4.1-97)
Raising to the k power:

$a^{2k} \equiv 1^k \equiv 1 \pmod{8}$ (4.1-98)


If a is an odd integer, then $a^{2^{n-2}} \equiv 1 \pmod{2^n}$ where $n \ge 3$.

Proof:

From Proposition 4.1-28 we have:

$a^2 \equiv 1 \pmod{8}$ (4.1-99)
This can be written as:

$a^2 \equiv 1 \pmod{2^3}$ (4.1-100)
and so:

$a^{2^{n-2}} \equiv 1 \pmod{2^n}$ (4.1-101)

is valid for n=3. Using mathematical induction, we assume
equation (4.1-101) is valid for n=k:

$a^{2^{k-2}} \equiv 1 \pmod{2^k}$ (4.1-102)
and so: 

A! (4.1-103) 
To check for n=k+1, we square equation (4.1-103):

$a^{2^{k-1}} = 1 + 2 \cdot j \cdot 2^k + j^2 \cdot 2^{2k}$ (4.1-104)
or 

[eA fen bapa (4.1-105) 
and so: 

ae aie ee | ij (1+ j- ra (4.1-106) 
We then have for k=n-1: 

“oe = 1(mod 252) (4.1-107) 
Therefore we have for n>3: 

$a^{2^{n-2}} \equiv 1 \pmod{2^n}$ (4.1-108)


4.2 FERMAT’S CONGRUENCE 


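The binomial expansion of $(x+y)^n$ where $n \in N$ is:

$(x+y)^n = x^n + \binom{n}{1} \cdot x^{n-1} \cdot y + \binom{n}{2} \cdot x^{n-2} \cdot y^2 + \cdots + \binom{n}{n-1} \cdot x \cdot y^{n-1} + y^n$ (4.2-1)

where the binomial coefficients are:

$\binom{n}{r} = \frac{n \cdot (n-1) \cdot (n-2) \cdots (n-r+1)}{1 \cdot 2 \cdot 3 \cdots r}$ (4.2-2)

and where $1 \le r \le n-1$. The binomial coefficients $\binom{n}{r}$ are the
results of the successive multiplications involved in raising
$(x+y)$ to the n power. Therefore $\binom{n}{r}$ are all integers.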


If p is a prime number, we have:
$(x+y)^p \equiv (x^p + y^p) \pmod{p}$

Proof:
From equation (4.2-1), the binomial expansion of $(x+y)^p$
is:

$(x+y)^p = x^p + \binom{p}{1} \cdot x^{p-1} \cdot y + \binom{p}{2} \cdot x^{p-2} \cdot y^2 + \cdots + \binom{p}{p-1} \cdot x \cdot y^{p-1} + y^p$ (4.2-3)

where the binomial coefficients are:

$\binom{p}{r} = \frac{p \cdot (p-1) \cdot (p-2) \cdots (p-r+1)}{1 \cdot 2 \cdot 3 \cdots r}$ (4.2-4)

and where $1 \le r \le p-1$. The denominator of the binomial
coefficients does not then include p as a factor. After common
factors in the numerator and denominator of the binomial
coefficients are cancelled, the numerator will still contain p as a
factor. Therefore, the binomial coefficients are all divisible by p,
and we have:

$\binom{p}{r} \equiv 0 \pmod{p}$ (4.2-5)

Only the first term $x^p$ and the last term $y^p$ of the binomial
expansion will not then be divisible by p, and so these terms
will be in the remainder after division by p. Therefore we have:

$(x+y)^p \equiv x^p + y^p \pmod{p}$ (4.2-6)

This is known as Fermat’s congruence. ■


4.3. FERMAT’S LITTLE THEOREM 


In 1640 Fermat announced a new theorem in a letter to
Frénicle de Bessy. He asserted that if p is prime and $p \nmid a$, then
$p \mid (a^{p-1}-1)$. It was almost 100 years before a proof to his
theorem was finally published (Euler, 1741), although an
unpublished proof was developed by Leibniz prior to 1683.
Following the work of Euler, a number of other proofs of
Fermat’s theorem have been developed (see Golomb, 1956;
Levine, 1999, and Burn, 2002). Fermat’s theorem is also known
as Fermat's little theorem.

Fermat’s little theorem can be derived starting with
equation (4.2-6):
$(x+y)^p \equiv x^p + y^p \pmod{p}$ (4.3-1)

where $x, y \in Z$. Letting x=1 and y=1, and taking p to be a
prime number, we have:

$(1+1)^p \equiv 1^p + 1^p \pmod{p}$ (4.3-2)
or

$2^p \equiv 2 \pmod{p}$ (4.3-3)
Letting x=2 and y=1 in equation (4.3-1), we obtain:

$(2+1)^p \equiv 2^p + 1^p \pmod{p}$ (4.3-4)
Using equation (4.3-3), we have:

$3^p \equiv 2+1 = 3 \pmod{p}$ (4.3-5)
Letting x=3 and y=1 in equation (4.3-1), we obtain:

$(3+1)^p \equiv 3^p + 1^p \pmod{p}$ (4.3-6)
Using equation (4.3-5), we have:

$4^p \equiv 3+1 = 4 \pmod{p}$ (4.3-7)
This leads us to the following theorem:

If p is a prime number, we have:

$a^p \equiv a \pmod{p}$ (4.3-8)

Proof:

Using mathematical induction, we note the theorem is true
for a=1:

$1^p = 1 \equiv 1 \pmod{p}$ (4.3-9)
Assuming the theorem holds for any a, we have:
$a^p \equiv a \pmod{p}$ (4.3-10)

We must now determine if equation (4.3-10) holds for a+1.
From the binomial theorem given in equation (4.2-1), we have:

$(a+1)^p = a^p + \binom{p}{1} \cdot a^{p-1} + \binom{p}{2} \cdot a^{p-2} + \cdots + 1$ (4.3-11)

where the binomial coefficients are given by equation (4.2-4):

$\binom{p}{r} = \frac{p \cdot (p-1) \cdot (p-2) \cdots (p-r+1)}{1 \cdot 2 \cdot 3 \cdots r}$ (4.3-12)

and where $1 \le r \le p-1$. Since the binomial coefficients are
divisible by p, we have:

$\binom{p}{r} \equiv 0 \pmod{p}$ (4.3-13)
Therefore equation (4.3-11) becomes:
$(a+1)^p \equiv a^p + 1^p \pmod{p}$ (4.3-14)
Using equation (4.3-10), we have:
$(a+1)^p \equiv a+1 \pmod{p}$ (4.3-15)

The theorem is then proven for all a>0 since it is true for a=1
and for a+1. We then have:

$a^p \equiv a \pmod{p}$ (4.3-16)
■

Equation (4.3-16) is valid for all prime numbers and all $a \in Z$.


Example 4.3-1 
Verify Proposition 4.3-1 for p=11 and a=3.

Solution:

For p=11 and a=3, we have:
$3^4 = 81 \equiv 4 \pmod{11}$
$3^8 = (3^4)^2 \equiv 4^2 = 16 \equiv 5 \pmod{11}$
$3^3 = 27 \equiv 5 \pmod{11}$
$3^{11} = 3^8 \cdot 3^3 \equiv 5 \cdot 5 = 25 \equiv 3 \pmod{11}$

as given by Proposition 4.3-1.


If $\gcd(a,p)=1$ where p is a prime number, then:
$a^{p-1} \equiv 1 \pmod{p}$ (4.3-17)
Proof:

Since a and p are relatively prime, we can divide
equation (4.3-16) by a to get:

$a^{p-1} \equiv 1 \pmod{p}$ (4.3-18)

Fermat’s little theorem states that if p is a prime number, and
if a and p are relatively prime, then p divides $a^{p-1}-1$. ■


Example 4.3-2 


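Verify Fermat’s little theorem for p=7 with a=2, 3, and 5.

Solution:

For a=2 and p=7, $\gcd(2,7)=1$ and we have:
$2^3 = 8 \equiv 1 \pmod{7}$
$2^{7-1} = 2^6 = 2^3 \cdot 2^3 \equiv 1 \cdot 1 = 1 \pmod{7}$

For a=3 and p=7, $\gcd(3,7)=1$ and we have:
$3^2 = 9 \equiv 2 \pmod{7}$
$3^{7-1} = 3^6 = 3^2 \cdot 3^2 \cdot 3^2 \equiv 2 \cdot 2 \cdot 2 = 8 \equiv 1 \pmod{7}$

For a=5 and p=7, $\gcd(5,7)=1$ and we have:
$5^2 = 25 \equiv 4 \pmod{7}$
$5^4 = (5^2)^2 \equiv 4^2 = 16 \equiv 2 \pmod{7}$
$5^{7-1} = 5^6 = 5^2 \cdot 5^4 \equiv 4 \cdot 2 = 8 \equiv 1 \pmod{7}$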


Example 4.3-3 
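If p is an odd prime, show that:
$1^{p-1} + 2^{p-1} + 3^{p-1} + \cdots + (p-1)^{p-1} \equiv -1 \pmod{p}$

Solution:

From Fermat’s little theorem, we have:
$1^{p-1} \equiv 1 \pmod{p}$
$1^{p-1} + 2^{p-1} \equiv 1+1 = 2 \pmod{p}$
$1^{p-1} + 2^{p-1} + 3^{p-1} \equiv 2+1 = 3 \pmod{p}$

and so:

$1^{p-1} + 2^{p-1} + 3^{p-1} + \cdots + (p-1)^{p-1} \equiv p-1 \pmod{p}$
But $p \equiv 0 \pmod{p}$. Therefore:

$1^{p-1} + 2^{p-1} + 3^{p-1} + \cdots + (p-1)^{p-1} \equiv -1 \pmod{p}$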


Example 4.3-4 
Evaluate $46^{282} \pmod{71}$.

Solution:

Since 71 is a prime number and $\gcd(46,71)=1$, we have from
Fermat’s little theorem:

$46^{71-1} = 46^{70} \equiv 1 \pmod{71}$
We wish to factor $46^{282}$ into as many factors $46^{70}$ as possible
in order to simplify the problem. We have from the division
algorithm:

$282 = 4 \cdot 70 + 2$
Therefore:

$46^{282} = (46^{70})^4 \cdot 46^2 \equiv 1^4 \cdot 46^2 \equiv 46^2 \pmod{71}$

and so:

$46^2 = 2116 \equiv 57 \pmod{71}$


Example 4.3-5 


Find a where a= 2°" (mod67) such that 0<a<67. 


Solution: 


Since 67 is prime, we have from Fermat’s little theorem: 
2°° = 1(mod67) 

and so: 
(2%)° = 2 =1' =1(mod67) 

Multiplying each side by 2*: 
2°”* = 16(mod67) 


and so a=16. 


The converse of Fermat’s little theorem is: if m is an odd
number and if $\gcd(a,m)=1$, and $a^{m-1} \equiv 1 \pmod{m}$, then m is a prime
number. Unfortunately, the converse of Fermat's little theorem is
not true. In other words, Fermat’s little theorem provides a
necessary condition for a number to be prime, but not a
sufficient condition for a number to be prime. Even though
Fermat's little theorem may hold for a given m, still m may or
may not be a prime number. The most that can be inferred is
that m is a probable prime number. Therefore Fermat’s little
theorem is not a definitive test for primality. A theorem that can
function as a converse to Fermat's little theorem is given in
Proposition 6.2-24.


If for some values of a such that $\gcd(a,m)=1$, we have:

$a^{m-1} \equiv 1 \pmod{m}$ or $a^m \equiv a \pmod{m}$ (4.3-19)

but m is still not prime, then m is known as a pseudoprime for
base a (see Jeans, 1898; Escott, 1907; Beeger, 1950; Pomerance et
al., 1980; Jaeschke, 1993; and Conway et al., 1997). The smallest
pseudoprimes for base integers $2 \le a \le 50$ are given in Table 4-5
(see Beiler, 1964).

If for all values of a such that $\gcd(a,m)=1$, we have:

$a^{m-1} \equiv 1 \pmod{m}$ or $a^m \equiv a \pmod{m}$ (4.3-20)

but m is still not prime, then m is known as a Carmichael
number or as an absolute pseudoprime.

Table 4-5 Smallest pseudoprime m for base a, where
$\gcd(a,m)=1$ and $a^{m-1} \equiv 1 \pmod{m}$ and $2 \le a \le 50$.


Carmichael numbers m are defined as:

$m \mid (a^m - a)$ (4.3-21)

for all $a \in N$ such that $\gcd(a,m)=1$ (see Carmichael, 1912;
Beeger, 1950; Duparc, 1952; Knödel, 1953; Erdős, 1956; Yorinaga,
1978; Wagstaff, 1980; Dubner, 1989; Jaeschke, 1990; Granville,
1992; Pinch, 1993, 2007; Löh and Niebuhr, 1996; Harman, 2005;
and Heath-Brown, 2007).

All Carmichael numbers have at least three different odd
prime factors (Carmichael, 1912). The smallest Carmichael
number is $561 = 3 \cdot 11 \cdot 17$ (see Table 4-6). Alford et al. (1994)
proved that there are an infinite number of Carmichael
numbers.

m      prime factors    m      prime factors
561    3·11·17          6601   7·23·41
1105   5·13·17          8911   7·19·67
1729   7·13·19          10585  5·29·73
2465   5·17·29          15841  7·31·73
2821   7·13·31          29341  13·37·61

Table 4-6 First 10 Carmichael numbers m and their prime
factors.


Fermat’s little theorem does provide a definitive
determination that a number is composite. To test if a number
m is composite, a small prime number is chosen as a. If for any
odd number m such that $\gcd(a,m)=1$, we then have
$a^{m-1} \not\equiv 1 \pmod{m}$, we can conclude that m is definitely composite.
It is possible, therefore, to show that a large integer is
composite without factoring it.

Example 4.3-6 


Without factoring 143, show that it is composite using
Fermat’s little theorem.

Solution:

Using a=2 in Fermat’s little theorem:

$2^2 \equiv 4 \pmod{143}$

$2^{10} = 1024 \equiv 23 \pmod{143}$

$2^{20} = 2^{10} \cdot 2^{10} \equiv 23 \cdot 23 = 529 \equiv 100 \pmod{143}$

$2^{60} = (2^{20})^3 \equiv (100)^3 = 1000000 \equiv 1 \pmod{143}$

$2^{60} \cdot 2^{60} \cdot 2^{20} \cdot 2^2 = 2^{142} \equiv 1 \cdot 1 \cdot 100 \cdot 4 = 400 \equiv 114 \pmod{143}$

Therefore $2^{142} \not\equiv 1 \pmod{143}$. Fermat's little theorem does not
apply; therefore 143 is composite. In fact, $143 = 11 \cdot 13$.


Example 4.3-7 


Test the compositeness of 341 using Fermat's little theorem. 


Solution: 


Using a=2 in Fermat’s little theorem: 


$2^{10} = 1024 \equiv 1 \pmod{341}$

ele = 1? =1(mod341) 
2° = (2!) = 1° =1(mod341) 
2°” =(2)' =1° = 1(mod341) 


23.2% = 29 = 1.1 =1(mod34l) 


Fermat’s equation holds; therefore the compositeness of 341 


is not determined by Fermat’s test. Sarrus (1820) found that 


2*” _1 is composite, and so 341 is a pseudoprime for the base 


a=2 (see Table 4-5). 
Since $341 = 11 \cdot 31$, and since 11 and 31 are both prime
numbers, they satisfy Fermat's little theorem:
$2^{11-1} = 2^{10} \equiv 1 \pmod{11}$
$2^{31-1} = 2^{30} \equiv 1 \pmod{31}$

We also have:
$2^{10} \equiv 1 \pmod{31}$

Therefore:

$(2^{10})^{34} = 2^{340} \equiv 1^{34} \equiv 1 \pmod{11}$

$(2^{30})^{11} \cdot 2^{10} = 2^{340} \equiv 1^{11} \cdot 1 \equiv 1 \pmod{31}$

and so:
$2^{340} \equiv 1 \pmod{11}$
$2^{340} \equiv 1 \pmod{31}$
From Proposition 4.1-12, we then have:
$2^{340} \equiv 1 \pmod{11 \cdot 31}$
since 11 and 31 are relatively prime. Therefore:
$2^{340} \equiv 1 \pmod{341}$

and so we see why Fermat's little theorem can hold for
certain composite numbers.


Example 4.3-8 


Show why the Carmichael number 561 satisfies Fermat's little
theorem.

Solution:

The Carmichael number 561 has the prime factorization
$561 = 3 \cdot 11 \cdot 17$. Even though 561 is composite, it satisfies
Fermat’s little theorem:

$a^{560} \equiv 1 \pmod{561}$

for all a where $\gcd(a,m)=1$. To see why, note that if we have
$\gcd(a,561)=1$, we must also have:

$\gcd(a,3)=1$
$\gcd(a,11)=1$
$\gcd(a,17)=1$

From Fermat’s little theorem, we then have:

$a^{3-1} = a^2 \equiv 1 \pmod{3}$
$a^{11-1} = a^{10} \equiv 1 \pmod{11}$
$a^{17-1} = a^{16} \equiv 1 \pmod{17}$

These three equations can be rewritten as:

$(a^2)^{280} = a^{560} \equiv 1^{280} \equiv 1 \pmod{3}$
$(a^{10})^{56} = a^{560} \equiv 1^{56} \equiv 1 \pmod{11}$
$(a^{16})^{35} = a^{560} \equiv 1^{35} \equiv 1 \pmod{17}$

From Proposition 4.1-12, we then have:
$a^{560} \equiv 1 \pmod{3 \cdot 11 \cdot 17}$
since 3, 11, and 17 are pairwise relatively prime. Therefore:
$a^{560} \equiv 1 \pmod{561}$

Proposition 4.3-3:

If m is a composite integer having the prime factorization:

$m = \prod_{i=1}^{n} p_i$

where the $p_i$ are distinct odd prime numbers such that
$(p_i - 1) \mid (m-1)$ for each i, then m is a Carmichael number.

Proof:

Let a be any integer where $\gcd(a,m)=1$. Then we must
have $\gcd(a,p_i)=1$ for all $i = 1, 2, 3, \ldots, n$ in the prime
factorization of m. From Fermat’s little theorem, we therefore
have:

$a^{p_i-1} \equiv 1 \pmod{p_i}$ $(i = 1, 2, 3, \ldots, n)$ (4.3-22)

Since we are given $(p_i - 1) \mid (m-1)$, we also have:

$m-1 = k_i \cdot (p_i - 1)$ (4.3-23)

and so we can write:

$a^{m-1} = a^{k_i \cdot (p_i-1)} = (a^{p_i-1})^{k_i} \equiv 1^{k_i} \equiv 1 \pmod{p_i}$ (4.3-24)

From Proposition 4.1-12 we then have:

$a^{m-1} \equiv 1 \pmod{\prod_{i=1}^{n} p_i}$ (4.3-25)

or

$a^{m-1} \equiv 1 \pmod{m}$ (4.3-26)

Therefore m is a Carmichael number.
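
The Fermat compositeness test of Examples 4.3-6 and 4.3-7 and the condition of Proposition 4.3-3 can both be checked mechanically. The Python below is an added example, not code from the book; the function names are hypothetical, and trial division is assumed to be acceptable because the inputs are small.

```python
from math import gcd


def prime_factorization(m):
    """Return {prime: exponent} by trial division (fine for small m)."""
    factors, d = {}, 2
    while d * d <= m:
        while m % d == 0:
            factors[d] = factors.get(d, 0) + 1
            m //= d
        d += 1
    if m > 1:
        factors[m] = factors.get(m, 0) + 1
    return factors


def is_prime(m):
    return m > 1 and prime_factorization(m) == {m: 1}


def fermat_test(m, a):
    """Fermat test of m to base a.

    "composite" is a definitive verdict: a^(m-1) is not congruent to 1
    modulo m. "probable prime" only means the test did not rule m out.
    """
    if gcd(a, m) != 1:
        raise ValueError("base a must be relatively prime to m")
    return "probable prime" if pow(a, m - 1, m) == 1 else "composite"


def smallest_pseudoprime(a, limit=10_000):
    """Smallest composite m < limit with gcd(a, m) = 1 and a^(m-1) = 1 (mod m)."""
    for m in range(4, limit):
        if gcd(a, m) == 1 and not is_prime(m) and pow(a, m - 1, m) == 1:
            return m
    return None


def is_carmichael_by_definition(m):
    """Composite m with a^(m-1) = 1 (mod m) for every a relatively prime to m."""
    if m < 4 or is_prime(m):
        return False
    return all(pow(a, m - 1, m) == 1 for a in range(2, m) if gcd(a, m) == 1)


def satisfies_proposition_4_3_3(m):
    """Product of distinct odd primes p_i with (p_i - 1) | (m - 1) for each i."""
    factors = prime_factorization(m)
    if len(factors) < 2 or 2 in factors:
        return False                      # 1, a prime, a prime power, or even
    if any(exp > 1 for exp in factors.values()):
        return False                      # a repeated prime factor
    return all((m - 1) % (p - 1) == 0 for p in factors)


if __name__ == "__main__":
    print(fermat_test(143, 2))            # composite, without factoring 143
    print(fermat_test(341, 2))            # probable prime, yet 341 = 11 * 31
    print(fermat_test(341, 3))            # composite: base 3 exposes 341
    print([m for m in range(2, 30_000) if satisfies_proposition_4_3_3(m)])
```

A second base exposes 341, but no base relatively prime to 561 exposes a Carmichael number, which is why a Fermat check alone is not enough when generating primes for cryptographic keys.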


If p>3 is a prime number, then $p^2 \equiv 1 \pmod{3}$

Proof:

Since $\gcd(p,3)=1$, we have from Fermat's little theorem
(Proposition 4.3-2):

$p^{3-1} = p^2 \equiv 1 \pmod{3}$ (4.3-27)


If p and q are two distinct prime numbers such that
$a^p \equiv 1 \pmod{q}$ and $a^q \equiv 1 \pmod{p}$, then $a^{p \cdot q} \equiv 1 \pmod{p \cdot q}$.

Proof:
We are given $a^p \equiv 1 \pmod{q}$. Therefore:
$(a^p)^q = a^{p \cdot q} \equiv 1^q \equiv 1 \pmod{q}$ (4.3-28)
Similarly, we are given $a^q \equiv 1 \pmod{p}$. Therefore:
$(a^q)^p = a^{p \cdot q} \equiv 1^p \equiv 1 \pmod{p}$ (4.3-29)
We then have:
$a^{p \cdot q} \equiv 1 \pmod{q}$ (4.3-30)
and
$a^{p \cdot q} \equiv 1 \pmod{p}$ (4.3-31)
From proposition 4.1-12, we can conclude:

$a^{p \cdot q} \equiv 1 \pmod{p \cdot q}$ (4.3-32)
■

If p and q are two distinct prime numbers such that
$a^p \equiv a \pmod{q}$ and $a^q \equiv a \pmod{p}$, then $a^{p \cdot q} \equiv a \pmod{p \cdot q}$.

Proof:

We are given $a^p \equiv a \pmod{q}$. Therefore:

$(a^p)^q = a^{p \cdot q} \equiv a^q \equiv a \pmod{q}$ (4.3-33)

where we have used Fermat’s theorem (Proposition 4.3-1).
Similarly, we are given $a^q \equiv a \pmod{p}$. Therefore:
$(a^q)^p = a^{p \cdot q} \equiv a^p \equiv a \pmod{p}$ (4.3-34)

We then have:
$a^{p \cdot q} \equiv a \pmod{q}$ (4.3-35)

and
$a^{p \cdot q} \equiv a \pmod{p}$ (4.3-36)

From proposition 4.1-12, we can conclude:

$a^{p \cdot q} \equiv a \pmod{p \cdot q}$ (4.3-37)
■

If p and q are two distinct prime numbers, then:

$p^q + q^p \equiv (p+q) \pmod{p \cdot q}$.
Proof:

From Fermat's theorem (Proposition 4.3-1) we have:

$p^q \equiv p \pmod{q}$ (4.3-38)

We can write:

$p^q \equiv p \pmod{p}$ (4.3-39)
From proposition 4.1-12, we can conclude:

$p^q \equiv p \pmod{p \cdot q}$ (4.3-40)

Similarly, we have:

$q^p \equiv q \pmod{p}$ (4.3-41)
We can write:

$q^p \equiv q \pmod{q}$ (4.3-42)
From proposition 4.1-12, we can conclude:

$q^p \equiv q \pmod{p \cdot q}$ (4.3-43)
Adding equations (4.3-40) and (4.3-43), we obtain:

$p^q + q^p \equiv (p+q) \pmod{p \cdot q}$ (4.3-44)
■


If $a^g \equiv 1 \pmod{m}$ and $a^h \equiv 1 \pmod{m}$ where $g, h \in N$, and if
$d = \gcd(g,h)$, then $a^d \equiv 1 \pmod{m}$.

Proof:
From Bézout’s identity (Proposition 2.1-11) we have:

$g \cdot x + h \cdot y = d$ (4.3-45)

where x or y must be negative since $x, y \in Z$ and $d = \gcd(g,h)$.
Choosing our notation so that y is negative, we have:

$g \cdot x = d + h \cdot |y|$ (4.3-46)

We then can write:

$(a^g)^x = (a^d) \cdot (a^h)^{|y|}$ (4.3-47)
We are given:

$a^g \equiv 1 \pmod{m}$ (4.3-48)

$a^h \equiv 1 \pmod{m}$ (4.3-49)

Therefore we have:

$(a^g)^x = (a^d) \cdot (a^h)^{|y|} \equiv 1 \pmod{m}$ (4.3-50)
or

$(a^d) \cdot (1)^{|y|} \equiv 1 \pmod{m}$ (4.3-51)
and so:

$a^d \equiv 1 \pmod{m}$ (4.3-52)
■


If p is a prime number and $\gcd(a,p)=1$, and if g is the
smallest positive integer such that $p \mid (a^g - 1)$, then $g \mid p-1$.

Proof:
From Fermat's little theorem (Proposition 4.3-2), we have:

$a^{p-1} \equiv 1 \pmod{p}$ (4.3-53)
or

$p \mid (a^{p-1}-1)$ (4.3-54)

We know then that some exponent g exists such that:

$p \mid (a^g - 1)$ (4.3-55)
Therefore:

$a^g \equiv 1 \pmod{p}$ (4.3-56)
We will let:

$d = \gcd(g, p-1)$ (4.3-57)

and so $d \le g$. From equations (4.3-56), (4.3-53), and (4.3-57), and
from Proposition 4.3-8, we have:
$a^d \equiv 1 \pmod{p}$ (4.3-58)

Since g is the smallest positive integer such that equation
(4.3-55) holds, then $d \ge g$. Therefore we have both $d \le g$ and
$d \ge g$, and so $d = g$. Equation (4.3-57) then becomes:

$g = \gcd(g, p-1)$ (4.3-59)

and so:

$g \mid p-1$ (4.3-60)


If p is a prime number and if $a \in Z$ such that $\gcd(a,p)=1$,
then $a^{p-2}$ is a multiplicative inverse of a modulo p.

Proof:

From Fermat's little theorem (Proposition 4.3-2), we have:

$a^{p-1} \equiv 1 \pmod{p}$ (4.3-61)
Therefore:
$a \cdot a^{p-2} \equiv 1 \pmod{p}$ (4.3-62)

and so from Proposition 4.1-15 $a^{p-2}$ is a multiplicative inverse
of a modulo p. ■


If p is an odd prime number and if $n \equiv r \pmod{p-1}$ where
$n \ge p$ and $1 \le r \le p-1$, then $a^n \equiv a^r \pmod{p}$.

Proof:
We are given:
$n \equiv r \pmod{p-1}$ (4.3-63)
or
$n = k \cdot (p-1) + r$ (4.3-64)

We can write:
$a^n = a^{k \cdot (p-1)+r} = (a^{p-1})^k \cdot a^r \equiv 1^k \cdot a^r \equiv a^r \pmod{p}$ (4.3-65)
where we have used Fermat's little theorem (Proposition 4.3-2).
We then have:

$a^n \equiv a^r \pmod{p}$ (4.3-66)

Proposition 4.3-11 is illustrated in Examples 7.8-6 and
7.8-7.


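If p and q are prime numbers where $\gcd(p,q)=1$, then:


Proof:
From Fermat’s little theorem (Proposition 4.3-2) we have:
$p^{q-1} \equiv 1 \pmod{q}$ (4.3-67)
$q^{p-1} \equiv 1 \pmod{p}$ (4.3-68)

and so $q \mid (p^{q-1}-1)$ and $p \mid (q^{p-1}-1)$. We can then write:
$p \cdot q \mid (p^{q-1}-1) \cdot (q^{p-1}-1)$ (4.3-69)

Therefore we have:

$(p^{q-1}-1) \cdot (q^{p-1}-1) \equiv 0 \pmod{p \cdot q}$ (4.3-70)
or

$p^{q-1} \cdot q^{p-1} - p^{q-1} - q^{p-1} + 1 \equiv 0 \pmod{p \cdot q}$ (4.3-71)
Since $p \cdot q \mid p^{q-1} \cdot q^{p-1}$, we obtain:

$p^{q-1} + q^{p-1} \equiv 1 \pmod{p \cdot q}$ (4.3-72)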


4.4 CONGRUENCES INVOLVING REDUCED 
RESIDUE SYSTEMS 


If $\gcd(a,m)=1$ and if $\{r_1, r_2, r_3, \ldots, r_{\phi(m)}\}$ is a reduced residue
system modulo m, then $\{a \cdot r_1, a \cdot r_2, a \cdot r_3, \ldots, a \cdot r_{\phi(m)}\}$ is also a
reduced residue system modulo m, and is congruent to
$r_1, r_2, r_3, \ldots, r_{\phi(m)}$ in some order.

Proof:
We are given $\gcd(a,m)=1$, and since $\{r_1, r_2, r_3, \ldots, r_{\phi(m)}\}$ is a
reduced residue system modulo m, we have:

$\gcd(r_i, m)=1$, $1 \le i \le \phi(m)$ (4.4-1)

From Proposition 2.3-3, we then have:

$\gcd(a \cdot r_i, m)=1$, $1 \le i \le \phi(m)$ (4.4-2)

Therefore each $a \cdot r_i$ is relatively prime to m. The number of
elements in the set $\{a \cdot r_1, a \cdot r_2, a \cdot r_3, \ldots, a \cdot r_{\phi(m)}\}$ is the same as in
the set $\{r_1, r_2, r_3, \ldots, r_{\phi(m)}\}$. We also have:

$a \cdot r_i \not\equiv a \cdot r_j \pmod{m}$ (4.4-3)

because if the congruence existed, a could be cancelled since
$\gcd(a,m)=1$, and we would have:
$r_i \equiv r_j \pmod{m}$ (4.4-4)

for some i and j where $1 \le i \le \phi(m)$ and $1 \le j \le \phi(m)$. Equation
(4.4-4) is not consistent, however, with $\{r_1, r_2, r_3, \ldots, r_{\phi(m)}\}$ being a
reduced residue system. Therefore $r_i \not\equiv r_j$, and the $a \cdot r_i$ are all
incongruent, and so are all distinct residue classes forming a
reduced residue system modulo m.

For any given $a \cdot r_i$, it is possible then to find an integer
$0<d<m$ such that:
$a \cdot r_i \equiv d \pmod{m}$ (4.4-5)
From Proposition 3.3-4, we then have:
$\gcd(a \cdot r_i, m) = 1 = \gcd(d,m)$ (4.4-6)

and so d must be one of the $r_i$.
This means that, in some order, the elements of the set
$\{a \cdot r_1, a \cdot r_2, a \cdot r_3, \ldots, a \cdot r_{\phi(m)}\}$ are congruent modulo m with the
elements of the least residue set $\{r_1, r_2, r_3, \ldots, r_{\phi(m)}\}$. ■


Proposition 4.4-2:
If $\gcd(a,p)=1$, where p is an odd prime number, then the least
residue system $\{r_1, r_2, r_3, \ldots, r_{p-1}\}$ modulo p is congruent to
$\{a \cdot r_1, a \cdot r_2, a \cdot r_3, \ldots, a \cdot r_{p-1}\}$ modulo p in some order.

Proof:
Follows from Proposition 4.4-1 since $\phi(p)=p-1$. ■

Example 4.4-1
Show that the reduced residue system $\{r_1, r_2, r_3, \ldots, r_{\phi(9)}\}$ are
congruent modulo 9 with $\{4 \cdot r_1, 4 \cdot r_2, 4 \cdot r_3, \ldots, 4 \cdot r_{\phi(9)}\}$ in some
order.

Solution:
$1 \equiv 1 \pmod{9}$
$2 \equiv 2 \pmod{9}$
$3 \equiv 3 \pmod{9}$
$4 \equiv 4 \pmod{9}$
$5 \equiv 5 \pmod{9}$
$6 \equiv 6 \pmod{9}$
$7 \equiv 7 \pmod{9}$

$r_{\phi(9)} = \{1, 2, 4, 5, 7, 8\}$
$4 \cdot r_i = \{4, 8, 16, 20, 28, 32\}$

$4 \equiv 4 \pmod{9}$
$8 \equiv 8 \pmod{9}$
$16 \equiv 7 \pmod{9}$
$20 \equiv 2 \pmod{9}$
$28 \equiv 1 \pmod{9}$
$32 \equiv 5 \pmod{9}$

4.5 EULER’S THEOREM

Euler (1763) was able to generalize Fermat's little theorem
so as to make it valid not only for primes, but for certain other
integers as well.

Proposition 4.5-1 (Euler’s theorem):
If and only if $\gcd(a,m)=1$, then $a^{\phi(m)} \equiv 1 \pmod{m}$.

Proof:


Let $\{r_1, r_2, r_3, \ldots, r_{\phi(m)}\}$ be a reduced residue system modulo
m. Then $\{a \cdot r_1, a \cdot r_2, a \cdot r_3, \ldots, a \cdot r_{\phi(m)}\}$ is also a reduced residue
system modulo m (see Proposition 4.4-1).

Because the $\{a \cdot r_1, a \cdot r_2, a \cdot r_3, \ldots, a \cdot r_{\phi(m)}\}$ are congruent to
$\{r_1, r_2, r_3, \ldots, r_{\phi(m)}\}$ in some order, we can multiply all terms in
each reduced residue system to form the congruence:

$\prod_{i=1}^{\phi(m)} (a \cdot r_i) \equiv \prod_{i=1}^{\phi(m)} r_i \pmod{m}$ (4.5-1)
We then have:
$a^{\phi(m)} \cdot \prod_{i=1}^{\phi(m)} r_i \equiv \prod_{i=1}^{\phi(m)} r_i \pmod{m}$ (4.5-2)
Let
$R = \prod_{i=1}^{\phi(m)} r_i$ (4.5-3)
so that:
$a^{\phi(m)} \cdot R \equiv R \pmod{m}$ (4.5-4)

Since $\{r_1, r_2, r_3, \ldots, r_{\phi(m)}\}$ is a reduced residue system modulo m,
each $r_i$ is relatively prime to m. Therefore from equation (4.4-1)
and Proposition 2.3-3 we have $\gcd(R,m)=1$ and so R can be
cancelled from equation (4.5-4):

$a^{\phi(m)} \equiv 1 \pmod{m}$ (4.5-5)

Conversely, equation (4.5-5) can be rewritten as:

$a^{\phi(m)} - 1 = k \cdot m$ (4.5-6)
or

$a^{\phi(m)} - k \cdot m = 1$ (4.5-7)

Since $\gcd(a,m)$ divides $a^{\phi(m)}$ and $k \cdot m$, it must also divide 1,
and so equation (4.5-5) can be true only if $\gcd(a,m)=1$. ■


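$a \cdot 5 = 3 \cdot 5 = 15 \equiv 1 \pmod{14}$

$a \cdot 9 = 3 \cdot 9 = 27 \equiv 13 \pmod{14}$

$a \cdot 11 = 3 \cdot 11 = 33 \equiv 5 \pmod{14}$

$a \cdot 13 = 3 \cdot 13 = 39 \equiv 11 \pmod{14}$
and so:

$a \cdot r_i = \{3, 9, 1, 13, 5, 11\} \equiv \{1, 3, 5, 9, 11, 13\}$ modulo 14
Therefore:

$(3 \cdot 1) \cdot (3 \cdot 3) \cdot (3 \cdot 5) \cdot (3 \cdot 9) \cdot (3 \cdot 11) \cdot (3 \cdot 13) \equiv 1 \cdot 3 \cdot 5 \cdot 9 \cdot 11 \cdot 13 \pmod{14}$

or

$3^6 \cdot [1 \cdot 3 \cdot 5 \cdot 9 \cdot 11 \cdot 13] \equiv [1 \cdot 3 \cdot 5 \cdot 9 \cdot 11 \cdot 13] \pmod{14}$

The factors in brackets are the same. They can be cancelled
since they are all relatively prime to 14. Therefore we have:

$3^6 = 3^{\phi(14)} \equiv 1 \pmod{14}$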


Example 4.5-2 

Derive Fermat’s little theorem (Proposition 4.3-2) from Euler’s
theorem with modulo m=p, where p is a prime number.
Solution:

Euler’s theorem is:

$a^{\phi(m)} \equiv 1 \pmod{m}$

where $\gcd(a,m)=1$. Let m=p where p is a prime number, so
that $\gcd(a,p)=1$. All the integers $1, 2, 3, \ldots, p-1$ are relatively
prime to p. From Proposition 2.10-1 $\phi(p)=p-1$, and so:

$a^{p-1} \equiv 1 \pmod{p}$

which is Fermat’s little theorem.


Example 4.5-3 
Show that $2^{\phi(9)} \equiv 1 \pmod{9}$.

Solution:
$\phi(9)=6$
$2^{\phi(9)} = 2^6 = 64 \equiv 1 \pmod{9}$

which is consistent with Euler’s theorem (Proposition 4.5-1).


Euler’s theorem can be used to reduce large powers in 


some congruences. 


Example 4.5-4 
Find b if $2^{344} \equiv b \pmod{7}$.

Solution:

$\phi(7)=6$, $\gcd(2,7)=1$

From Euler’s theorem (proposition 4.5-1), we have:
$2^{\phi(7)} = 2^6 = 64 \equiv 1 \pmod{7}$

We can divide the exponent 344 by 6 to obtain:
$344 = 6 \cdot 57 + 2$

Therefore the congruence $2^{344} \equiv b \pmod{7}$ can be written:
$2^{344} = (2^6)^{57} \cdot 2^2 \equiv 1^{57} \cdot 4 = 4 \equiv b \pmod{7}$

where we have used Euler’s theorem. Therefore b=4.


If $\gcd(a,m)=1$, then the multiplicative inverse $a^{-1}$ of a modulo
m is given by $a^{-1} = a^{\phi(m)-1}$.

Proof:
From Euler’s theorem (Proposition 4.5-1), we have:

$a^{\phi(m)} \equiv 1 \pmod{m}$ (4.5-8)

$a \cdot a^{\phi(m)-1} \equiv 1 \pmod{m}$ (4.5-9)
Since $\gcd(a,m)=1$, from Proposition 4.1-15 we have:

$a \cdot a^{-1} \equiv 1 \pmod{m}$ (4.5-10)

Therefore the multiplicative inverse of a modulo m is given by
$a^{-1} = a^{\phi(m)-1}$. ■

Example 4.5-5

For a=6 show that $a^{-1} = a^{\phi(11)-1}$ modulo 11.

Solution:
$\phi(11) = 11-1 = 10$
$a^{\phi(11)-1} = 6^{10-1} = 6^9 = 10077696 \equiv 2 \pmod{11}$
$a \cdot a^{-1} = a \cdot a^{\phi(11)-1} = 6 \cdot 6^9 \equiv 6 \cdot 2 = 12 \equiv 1 \pmod{11}$

and so $6^{-1} = 6^{\phi(11)-1}$ modulo 11.
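
The exponent reduction of Example 4.5-4 and the inverse formula of Example 4.5-5 both depend on the hypothesis gcd(a, m) = 1. The Python below is an added example, not code from the book; the function names are hypothetical, and the totient is computed by trial division on the assumption that m is small.

```python
from math import gcd


def phi(m):
    """Euler's totient function, computed from the prime factors of m."""
    result, n, d = m, m, 2
    while d * d <= n:
        if n % d == 0:
            while n % d == 0:
                n //= d
            result -= result // d         # multiply result by (1 - 1/d)
        d += 1
    if n > 1:
        result -= result // n
    return result


def power_mod_euler(a, e, m):
    """a^e mod m with the exponent first reduced modulo phi(m).

    Valid only when gcd(a, m) = 1, the hypothesis of Euler's theorem.
    """
    if gcd(a, m) != 1:
        raise ValueError("Euler's theorem requires gcd(a, m) = 1")
    return pow(a, e % phi(m), m)


def inverse_mod_euler(a, m):
    """Multiplicative inverse of a modulo m as a^(phi(m) - 1) mod m."""
    if gcd(a, m) != 1:
        raise ValueError("a has no inverse modulo m when gcd(a, m) != 1")
    return pow(a, phi(m) - 1, m)


def unchecked_reduction(a, e, m):
    """The same reduction without the gcd check, to show how it goes wrong."""
    return pow(a, e % phi(m), m)


if __name__ == "__main__":
    print(power_mod_euler(2, 344, 7))      # 4, as in Example 4.5-4
    print(inverse_mod_euler(6, 11))        # 2, as in Example 4.5-5
    # gcd(2, 12) = 2: reducing the exponent modulo phi(12) = 4 gives 2,
    # while the true value of 2^5 mod 12 is 8.
    print(unchecked_reduction(2, 5, 12), pow(2, 5, 12))
```

Dropping the gcd check does not raise an error; it silently returns a wrong residue, so the check belongs in any routine that reduces exponents this way.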


If p is an odd prime number and if gcd(a, p)=1, then: 


qi = —1(mod p) 


Proof: 
From Euler’s theorem (Proposition 4.5-1), we have: 
$a^{\phi(p)} = a^{p-1} \equiv 1 \pmod{p}$ (4.5-11)
Therefore p|(a’'—1) and so p| ie2e —1)-(a?)” +1). Since we 
have p|(a’'-1) we must have p/ ig ~ 1). Therefore 
P| fai + 1) and so we have: 


Qh Y!? = —1(mod p) (4.5-12) 


If p is a prime number and if $\gcd(a,p)=1$, then:

$a^{p \cdot (p-1)} \equiv 1 \pmod{p^2}$

Proof:

From Euler’s theorem (Proposition 4.5-1), we have:

$a^{\phi(m)} \equiv 1 \pmod{m}$ (4.5-13)
Letting $m = p^2$:

$a^{\phi(p^2)} \equiv 1 \pmod{p^2}$ (4.5-14)

From Proposition 2.10-2 we have:

$\phi(p^2) = p \cdot (p-1)$ (4.5-15)
and so:
$a^{p \cdot (p-1)} \equiv 1 \pmod{p^2}$ (4.5-16)
■

Example 4.5-6

Verify Proposition 4.5-4 for a=6 and p=7.

Solution:

We need to show that:

$6^{7 \cdot (7-1)} \equiv 1 \pmod{7^2}$
or
$6^{42} \equiv 1 \pmod{49}$
We can write:
$6^6 = 46656 \equiv 8 \pmod{49}$
$(6^6)^7 = 6^{42} \equiv 8^7 = 2097152 \equiv 1 \pmod{49}$

Proposition 4.5-5:

If p and q are different prime numbers and if $\gcd(a, p \cdot q)=1$,
then:

$a^{(p-1) \cdot (q-1)} \equiv 1 \pmod{p \cdot q}$

Proof:
From Euler’s theorem (Proposition 4.5-1), we have:

$a^{\phi(m)} \equiv 1 \pmod{m}$ (4.5-17)

Letting $m = p \cdot q$:

$a^{\phi(p \cdot q)} \equiv 1 \pmod{p \cdot q}$ (4.5-18)

From Proposition 3.4-4, we have:

$\phi(p \cdot q) = (p-1) \cdot (q-1)$ (4.5-19)
and so:

$a^{(p-1) \cdot (q-1)} \equiv 1 \pmod{p \cdot q}$ (4.5-20)


Example 4.5-7 
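Verify Proposition 4.5-5 for a=2, p=5, and q=7.

Solution:
We need to show that:
$2^{(5-1) \cdot (7-1)} \equiv 1 \pmod{5 \cdot 7}$
or
$2^{4 \cdot 6} = 2^{24} \equiv 1 \pmod{35}$
We can write:
$2^{10} = 1024 \equiv 9 \pmod{35}$
$(2^{10})^2 = 2^{20} \equiv 9^2 = 81 \equiv 11 \pmod{35}$
$2^4 = 16 \equiv 16 \pmod{35}$
$2^{20} \cdot 2^4 = 2^{24} \equiv 11 \cdot 16 = 176 \equiv 1 \pmod{35}$
and so

$2^{(5-1) \cdot (7-1)} \equiv 1 \pmod{5 \cdot 7}$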


Linear Congruences $a \cdot x \equiv b \pmod{m}$


5.1 LINEAR CONGRUENCES 


Linear algebraic equations in a single variable have the
form:
$a \cdot x = b$ (5.1-1)

where the value of x is unknown. Of course x, a, and b are not
necessarily integers for linear algebraic equations. If $a \ne 0$, such
algebraic equations always have one and only one solution:

$x = b/a$.


5.1.1 DEFINITION OF LINEAR CONGRUENCES 
Linear congruence equations in a single variable have the
form:
$a \cdot x \equiv b \pmod{m}$ (5.1-2)

where $x, a, b \in Z$, and $m \in N$. An integer value of x that makes
a linear congruence a valid congruence is called a solution or a
root of the congruence. Linear congruences such as equation
(5.1-2) with $a \ne 0$ may have one solution, several solutions, or
no solution for the unknown integer x.

If $x = x_0$ is a solution of $a \cdot x \equiv b \pmod{m}$, then we have:
$a \cdot x_0 \equiv b \pmod{m}$ (5.1-3)

If we also have:

$x_0 \equiv x_1 \pmod{m}$ (5.1-4)

then $x = x_1$ will also be a solution of $a \cdot x \equiv b \pmod{m}$:
$a \cdot x_1 \equiv b \pmod{m}$ (5.1-5)

Since $x_0$ and $x_1$ are congruent, however, they are considered to
be the same solution of $a \cdot x \equiv b \pmod{m}$. Moreover, if $x = x_0$ is a
solution of $a \cdot x \equiv b \pmod{m}$, then $x = x_0 + k \cdot m$ where k is any
integer will also be solutions of this equation (see Proposition
3.6-2). Therefore $a \cdot x_0 \equiv a \cdot (x_0 + k \cdot m) \equiv b \pmod{m}$. Such a set of
solutions is considered to be just the single solution $x = x_0$.

We see then that the uniqueness of any solution of a linear
congruence equation must be understood to be modulo m.
Solutions belonging to the same residue class are not
considered to be distinct solutions. If $x_0$ and $x_1$ are solutions of
$a \cdot x \equiv b \pmod{m}$, they will be considered to be different
solutions only if $x_0 \not\equiv x_1 \pmod{m}$.

If a solution $x = x_0$ exists to $a \cdot x \equiv b \pmod{m}$, we must have
$m \mid (a \cdot x_0 - b)$. The solution $x = x_0$ can be written as:
$x \equiv x_0 \pmod{m}$, $0 \le x_0 < m$ (5.1-6)

where $x_0$ is the least residue modulo m.


5.1.2 EXISTENCE OF SOLUTIONS TO LINEAR CONGRUENCES


In this Section we will consider criteria for the existence of 
solutions of linear congruence equations in a single variable 
and methods to solve such equations. 

Example 5.1-1 

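Find all solutions of $3 \cdot x \equiv 4 \pmod{7}$.

Solution:

Since the modulus is small, we can find the solution by
calculating the congruence for all the integers in the residue
classes $x = \{0,1,2,3,4,5,6\}$:

$3 \cdot 0 = 0 \not\equiv 4 \pmod{7}$
$3 \cdot 1 = 3 \not\equiv 4 \pmod{7}$
$3 \cdot 2 = 6 \not\equiv 4 \pmod{7}$
$3 \cdot 3 = 9 \not\equiv 4 \pmod{7}$
$3 \cdot 4 = 12 \not\equiv 4 \pmod{7}$
$3 \cdot 5 = 15 \not\equiv 4 \pmod{7}$
$3 \cdot 6 = 18 \equiv 4 \pmod{7}$

and so the congruence $3 \cdot x \equiv 4 \pmod{7}$ has the single solution
$x \equiv 6 \pmod{7}$.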


Example 5.1-2 


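Find all solutions of $3 \cdot x \equiv 1 \pmod{6}$.

Solution:

Since the modulus is small, we can find the solution by
calculating the congruence for all the integers in the residue
classes $x = \{0,1,2,3,4,5\}$:

$3 \cdot 0 = 0 \not\equiv 1 \pmod{6}$
$3 \cdot 1 = 3 \not\equiv 1 \pmod{6}$
$3 \cdot 2 = 6 \equiv 0 \not\equiv 1 \pmod{6}$
$3 \cdot 3 = 9 \equiv 3 \not\equiv 1 \pmod{6}$
$3 \cdot 4 = 12 \equiv 0 \not\equiv 1 \pmod{6}$
$3 \cdot 5 = 15 \equiv 3 \not\equiv 1 \pmod{6}$

and so the congruence $3 \cdot x \equiv 1 \pmod{6}$ has no solutions.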


Example 5.1-3 


Find all solutions of $4 \cdot x \equiv 4 \pmod{8}$.

Solution:

Since the modulus is small, we can find the solution by
calculating the congruence for all the integers in the residue
classes $x = \{0,1,2,3,4,5,6,7\}$:


$a \cdot x \equiv b \pmod{m}$ has a solution if and only if $\gcd(a,m) \mid b$.

Proof:
Let $d = \gcd(a,m)$. If $x_0$ is a solution of

$a \cdot x \equiv b \pmod{m}$ (5.1-7)

we must have:

$a \cdot x_0 \equiv b \pmod{m}$ (5.1-8)

and so:

$a \cdot x_0 - b = k \cdot m$ (5.1-9)
or
$b = a \cdot x_0 - k \cdot m$ (5.1-10)

From the definition of $d = \gcd(a,m)$, we know that $d \mid a$
and $d \mid m$. Therefore from equation (5.1-10) and Proposition
2.1-1, we must have $d \mid b$. We must then have $\gcd(a,m) \mid b$ for
there to be a solution of $a \cdot x \equiv b \pmod{m}$.

Conversely, if $d \mid b$, we can show that a solution of
$a \cdot x \equiv b \pmod{m}$ exists. From Bézout’s identity (Proposition
2.1-11), we have:

$d = a \cdot u + m \cdot v = \gcd(a,m)$ (5.1-11)

Since $d \mid b$, we can write $b = k \cdot d$. Multiplying equation (5.1-11)
by k:

$k \cdot d = a \cdot (k \cdot u) + m \cdot (k \cdot v)$ (5.1-12)
or
$b - a \cdot (k \cdot u) = (k \cdot v) \cdot m$ (5.1-13)

This is equivalent to:

$b \equiv a \cdot (k \cdot u) \pmod{m}$ (5.1-14)
or
$a \cdot (k \cdot u) \equiv b \pmod{m}$ (5.1-15)

and so $x = k \cdot u$ is a solution of

$a \cdot x \equiv b \pmod{m}$ (5.1-16)

Therefore a solution of $a \cdot x \equiv b \pmod{m}$ exists if $\gcd(a,m) \mid b$. ■


Example 5.1-4 


Find all solutions of $3 \cdot x \equiv 4 \pmod{6}$.

Solution:

Since we have gcd(3,6)=3 and $3 \nmid 4$, the linear congruence
$3 \cdot x \equiv 4 \pmod{6}$ has no solutions. This can be checked by
calculating the congruence for all integers in the residue
classes $x = \{0,1,2,3,4,5\}$:

$3 \cdot 0 = 0 \not\equiv 4 \pmod{6}$
$3 \cdot 1 = 3 \not\equiv 4 \pmod{6}$
$3 \cdot 2 = 6 \equiv 0 \not\equiv 4 \pmod{6}$
$3 \cdot 3 = 9 \equiv 3 \not\equiv 4 \pmod{6}$
$3 \cdot 4 = 12 \equiv 0 \not\equiv 4 \pmod{6}$
$3 \cdot 5 = 15 \equiv 3 \not\equiv 4 \pmod{6}$

Reexamining Examples 5.1-1, 5.1-2, and 5.1-3, we find:

Example 5.1-1: gcd(3,7)=1 and $1 \mid 4$ so $3 \cdot x \equiv 4 \pmod{7}$
has a solution.

Example 5.1-2: gcd(3,6)=3 and $3 \nmid 1$ so $3 \cdot x \equiv 1 \pmod{6}$
has no solution.

Example 5.1-3: gcd(4,8)=4 and $4 \mid 4$ so
$4 \cdot x \equiv 4 \pmod{8}$ has a solution (it has 4 solutions).


$a \cdot x \equiv b \pmod{m}$ has exactly one unique solution if and only if
$\gcd(a,m) = 1$.

Proof:

From Proposition 5.1-1 we know that $a \cdot x \equiv b \pmod{m}$ has a
solution if and only if $\gcd(a,m) \mid b$. If gcd(a,m)=1 at least one
solution of the congruence must exist.

Since we are considering solutions modulo m, we have
$0 \le x \le m-1$. These values of x constitute a complete residue
system modulo m. The solution of the linear congruence can be
found by testing each of these values of x.

To show that $a \cdot x \equiv b \pmod{m}$ has exactly one unique
solution if gcd(a,m)=1, we assume that at least two solutions
of this congruence exist:

$a \cdot x_0 \equiv b \pmod{m}$ (5.1-17)
$a \cdot x_1 \equiv b \pmod{m}$ (5.1-18)

We then must have:

$a \cdot x_0 \equiv a \cdot x_1 \pmod{m}$ (5.1-19)
or
$a \cdot (x_0 - x_1) \equiv 0 \pmod{m}$ (5.1-20)

Since gcd(a,m)=1, we can cancel a:

$x_0 - x_1 \equiv 0 \pmod{m}$ (5.1-21)

Since $0 \le x_0 \le m-1$ and $0 \le x_1 \le m-1$, then $m \nmid (x_0 - x_1)$ unless
$x_0 = x_1$. Therefore if gcd(a,m)=1, two or more solutions to
$a \cdot x \equiv b \pmod{m}$ do not exist. This congruence has one unique
solution if gcd(a,m)=1. ■

Another way to prove Proposition 5.1-2 for a congruence
$a \cdot x \equiv b \pmod{m}$ is to use Proposition 3.3-5. If we let x assume
the values of a complete residue system, $a \cdot x$ will also assume
the values of a complete residue system in some order. Since
the m elements of a complete residue system are incongruent,
$a \cdot x$ will be congruent to b for only one distinct solution of
$a \cdot x \equiv b \pmod{m}$.


Example 5.1-5 
Find all solutions of $52 \cdot x \equiv 4 \pmod{25}$.

Solution:

Since gcd(52,25)=1, the congruence $52 \cdot x \equiv 4 \pmod{25}$ has a
single unique solution. For large moduli, we can find the
solution of the congruence by adding multiples of the
modulus to the coefficient until cancellation is possible:

$52 \cdot x \equiv 4 + 25 = 29 \pmod{25}$
$52 \cdot x \equiv 4 + 25 + 25 = 54 \pmod{25}$
$52 \cdot x \equiv 4 + 25 + 25 + 25 = 79 \pmod{25}$
$52 \cdot x \equiv 4 + 25 + 25 + 25 + 25 = 104 \pmod{25}$

Dividing by 52:

$x \equiv 2 \pmod{25}$

so the congruence $52 \cdot x \equiv 4 \pmod{25}$ has the single solution
$x \equiv 2 \bmod 25$ or $x = 2 + k \cdot 25$ where $k \in \mathbb{Z}$.


Example 5.1-6
Find all solutions of $13 \cdot x \equiv 929 \pmod{1583}$.

Solution:

Since gcd(13,1583)=1, the congruence $13 \cdot x \equiv 929 \pmod{1583}$
has one solution. The congruence is equivalent to:

$13 \cdot x - 929 = k \cdot 1583$
or
$13 \cdot x = 929 + k \cdot 1583$


and so 


If $a \cdot x \equiv b \pmod{m}$ has a solution $x = x_0$, it will have gcd(a,m)
incongruent solutions given by:

$x = x_0 + k \cdot \dfrac{m}{\gcd(a,m)} \qquad 0 \le k \le \gcd(a,m) - 1$

Proof:
We are given:

$a \cdot x \equiv b \pmod{m}$ (5.1-22)

We will let $d = \gcd(a,m)$. We then have $d \mid a$ and $d \mid m$. From
Proposition 5.1-1, we know that $a \cdot x \equiv b \pmod{m}$ will have a
solution if and only if $d \mid b$. Since we are assuming that this
congruence has a solution, we can conclude that d divides a, b,
and m as required by Proposition 5.1-1. Therefore we can
divide equation (5.1-22) by d (see Proposition 4.1-10):

(5.1-23)

Every solution of equation (5.1-22) is a solution of equation
(5.1-23), and every solution of equation (5.1-23) is a solution of
equation (5.1-22).

If a solution of equation (5.1-23) is $x = x_0$, where $x_0$ is a
least residue modulo m/d, we then have:

$\dfrac{a}{d} \cdot x_0 \equiv \dfrac{b}{d} \pmod{\dfrac{m}{d}} \qquad 0 \le x_0 < \dfrac{m}{d}$ (5.1-24)

We will now let $x = x_1$ be any other solution of equation
(5.1-22):

$a \cdot x_1 \equiv b \pmod{m} \qquad 0 \le x_1 < m$ (5.1-25)

Therefore:

$a \cdot x_1 \equiv a \cdot x_0 \pmod{m}$ (5.1-26)

Dividing by d:

$\dfrac{a}{d} \cdot x_1 \equiv \dfrac{a}{d} \cdot x_0 \pmod{\dfrac{m}{d}}$ (5.1-27)

Since $d = \gcd(a,m)$, from Proposition 2.1-10, we have:

(5.1-28)

From Proposition 3.1-5 and equation (5.1-28), we see that we
can cancel a/d in equation (5.1-27) to obtain:

$x_1 \equiv x_0 \pmod{\dfrac{m}{d}}$ (5.1-29)
or
$x_1 = x_0 + k \cdot \dfrac{m}{d} = x_0 + k \cdot \dfrac{m}{\gcd(a,m)}$ (5.1-30)

where from equations (5.1-25) and (5.1-30):

$0 \le x_1 = x_0 + k \cdot \dfrac{m}{d} < m$ (5.1-31)

Substituting the maximum boundary value for $x_0$ from the
range in equation (5.1-24):

(5.1-32)

For the upper range in equation (5.1-32) to be consistent with
the upper range in equation (5.1-31), k can take only the
following values: $k = 0,1,2,3,\ldots,d-1$. We therefore have
$k = 0,1,2,3,\ldots,[\gcd(a,m)-1]$, and so there are $d = \gcd(a,m)$
solutions of $a \cdot x \equiv b \pmod{m}$ if $\gcd(a,m) \mid b$. We also have
$0 \le k \le \gcd(a,m) - 1$.

None of the gcd(a,m) solutions are congruent to each
other. We can show this by assuming the opposite: that two
solutions for $k = k_1$ and $k = k_2$ are congruent. We then have:

$x_0 + k_2 \cdot \dfrac{m}{d} \equiv x_0 + k_1 \cdot \dfrac{m}{d} \pmod{m}$ (5.1-33)

where $0 \le k_1, k_2 \le d-1$. Equation (5.1-33) is equivalent to:

$\left[ x_0 + k_2 \cdot \dfrac{m}{d} \right] - \left[ x_0 + k_1 \cdot \dfrac{m}{d} \right] = h \cdot m$ (5.1-34)
or
$(k_2 - k_1) \cdot \dfrac{m}{d} = h \cdot m$ (5.1-35)
and so:
$k_2 - k_1 = h \cdot d$ (5.1-36)

We then have $k_2 = k_1 + h \cdot d \ge k_1 + d \ge d$ since $h \ge 1$. But $k_2 \le d-1$,
and so we have a contradiction. Therefore none of the solutions
given by equation (5.1-30) are congruent to each other modulo
m. ■


Example 5.1-8 
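Find all solutions of $12 \cdot x \equiv 24 \pmod{9}$.

Solution:
This congruence has three solutions since gcd(12,9)=3 and
$3 \mid 24$. One solution is x = 2, and the other solutions are given
by:

$x = 2 + k \cdot \dfrac{9}{3} = 2 + k \cdot 3 \qquad 0 \le k \le 2$

and so the solutions are $x \equiv 2 \bmod 9$, $x \equiv 5 \bmod 9$, and
$x \equiv 8 \bmod 9$. These can be checked by calculating the
congruence for all integers in the residue classes
$x = \{0,1,2,3,4,5,6,7,8\}$:

$12 \cdot 0 = 0 \not\equiv 24 \pmod{9}$
$12 \cdot 1 = 12 \equiv 3 \not\equiv 24 \pmod{9}$
$12 \cdot 2 = 24 \equiv 24 \pmod{9}$
$12 \cdot 3 = 36 \equiv 0 \not\equiv 24 \pmod{9}$
$12 \cdot 4 = 48 \equiv 3 \not\equiv 24 \pmod{9}$
$12 \cdot 5 = 60 \equiv 24 \pmod{9}$
$12 \cdot 6 = 72 \equiv 0 \not\equiv 24 \pmod{9}$
$12 \cdot 7 = 84 \equiv 3 \not\equiv 24 \pmod{9}$
$12 \cdot 8 = 96 \equiv 24 \pmod{9}$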


Example 5.1-9 
Find all solutions of $129 \cdot x \equiv 36 \pmod{171}$.

Solution:

To determine gcd(171,129), we use the Euclidean algorithm
(Proposition 2.5-1):

$a = q \cdot b + r$
$171 = 1 \cdot 129 + 42 \;\Rightarrow\; \gcd(171,129) = \gcd(129,42)$
$129 = 3 \cdot 42 + 3 \;\Rightarrow\; \gcd(129,42) = \gcd(42,3)$
$42 = 14 \cdot 3 + 0 \;\Rightarrow\; \gcd(42,3) = \gcd(3,0) = 3$

Therefore gcd(171,129)=3. A solution of $129 \cdot x \equiv 36 \pmod{171}$
exists since $3 \mid 36$. Moreover this congruence has three least
residual solutions. Solving the Euclidean equations
backwards, we have:

$r = a - q \cdot b$
$3 = 129 - 3 \cdot 42$
$3 = 129 - 3 \cdot (171 - 129)$
$3 = 4 \cdot 129 - 3 \cdot 171$
or
$129 \cdot 4 = 3 \cdot 171 + 3$

which is equivalent to:
$129 \cdot 4 \equiv 3 \pmod{171}$

Multiplying $129 \cdot 4 = 3 \cdot 171 + 3$ by 36/3 which is b/gcd(a,m):
$129 \cdot 48 = 36 \cdot 171 + 36$

which is equivalent to:
$129 \cdot 48 \equiv 36 \pmod{171}$

Therefore $x_0 \equiv 48 \bmod 171$ is a solution of the congruence:
$129 \cdot x \equiv 36 \pmod{171}$

To find the other two least residual solutions, we can use
Proposition 5.1-3:

$x = x_0 + k \cdot \dfrac{m}{\gcd(a,m)}$

We then have:
$x = 48 + 1 \cdot \dfrac{171}{3} = 48 + 57 = 105$
$x = 48 + 2 \cdot \dfrac{171}{3} = 48 + 2 \cdot 57 = 162$

and so the solutions are $x \equiv 48 \bmod 171$, $x \equiv 105 \bmod 171$, and
$x \equiv 162 \bmod 171$.


Example 5.1-10 
Find all solutions of $6 \cdot x \equiv 24 \pmod{60}$.

Solution:

Since gcd(6,60)=6 and $6 \mid 24$, then $6 \cdot x \equiv 24 \pmod{60}$ has 6
solutions. Obviously $x \equiv 4 \bmod 60$ is one solution. Using
Proposition 5.1-3, we have:

$x = x_0 + k \cdot \dfrac{m}{\gcd(a,m)} = 4 + k \cdot \dfrac{60}{\gcd(6,60)} = 4 + k \cdot 10$

Testing for $k = 0,1,2,3,\ldots,[\gcd(a,m)-1]$:

$x = 4,\; 4 + 1 \cdot 10,\; 4 + 2 \cdot 10,\; \ldots,\; 4 + 5 \cdot 10$

we find the following solutions:

$x \equiv 4, 14, 24, 34, 44, 54 \bmod 60$


If $a \cdot x \equiv 1 \pmod{m}$ where gcd(a,m)=1, then a solution x of
this congruence is called a multiplicative inverse of a modulo
m as noted previously (see Proposition 4.1-15). Such a solution
of $a \cdot x \equiv 1 \pmod{m}$ is designated by $x \equiv a^{-1} \bmod m$, and we have:

$a \cdot a^{-1} \equiv 1 \pmod{m}$.


If gcd(a,m)=1, then $a \cdot x \equiv 1 \pmod{m}$ has exactly one unique
solution $x \equiv a^{-1}$.

Proof:

From Proposition 5.1-2 we know that the congruence
$a \cdot x \equiv 1 \pmod{m}$ has a single unique solution when gcd(a,m)=1.
From Proposition 4.1-15 we know that this solution is
$x \equiv a^{-1} \bmod m$. ■


If gcd(a,m)=1, then $x \equiv a^{-1} \cdot b$ is the unique solution of
$a \cdot x \equiv b \pmod{m}$.

Proof:
We are given:

$a \cdot x \equiv b \pmod{m}$ (5.1-37)

Since gcd(a,m)=1, we know from Proposition 4.1-15 that $a^{-1}$
modulo m exists, and we know from Proposition 5.1-2 that
$a \cdot x \equiv 1 \pmod{m}$ has exactly one unique solution. Multiplying
equation (5.1-37) by $a^{-1}$, we have:

$a \cdot a^{-1} \cdot x \equiv a^{-1} \cdot b \pmod{m}$ (5.1-38)

Therefore:

$x \equiv a^{-1} \cdot b \pmod{m}$ (5.1-39)

Substituting x into equation (5.1-37):

$a \cdot a^{-1} \cdot b \equiv 1 \cdot b = b \equiv b \pmod{m}$ (5.1-40)

and so $x \equiv a^{-1} \cdot b \bmod m$ is a solution of $a \cdot x \equiv b \pmod{m}$. ■


If gcd(a,m)=1, then $x \equiv a^{\phi(m)-1} \cdot b$ is the unique solution of
$a \cdot x \equiv b \pmod{m}$.

Proof:

Since gcd(a,m)=1, we know from Proposition 5.1-5 that
$x \equiv a^{-1} \cdot b$ is the unique solution of $a \cdot x \equiv b \pmod{m}$. We also
know that $a^{-1} \equiv a^{\phi(m)-1} \pmod{m}$ from Proposition 4.5-2 if gcd(a,m)=1.
Therefore $x \equiv a^{\phi(m)-1} \cdot b \bmod m$ is the solution of $a \cdot x \equiv b \pmod{m}$
when gcd(a,m)=1. This can be verified using Euler’s theorem
(Proposition 4.5-1):

$a \cdot x \equiv a \cdot a^{\phi(m)-1} \cdot b \equiv a^{\phi(m)} \cdot b \equiv 1 \cdot b \equiv b \pmod{m}$ (5.1-41)
■


$x \equiv a^{\phi(m)-1} \cdot b = 3^5 \cdot 4 = 972 \bmod 7$
and so:

$x = 972 \equiv 6 \pmod{7}$
Therefore:

$3 \cdot 6 = 18 \equiv 4 \pmod{7}$

This result can be compared with that in Example 5.1-1.


Example 5.1-12
Find all solutions of $11 \cdot x \equiv 5 \pmod{18}$.

Solution:
Since gcd(11,18)=1, the congruence $11 \cdot x \equiv 5 \pmod{18}$ has one
solution. From Proposition 5.1-6, we have:
$x \equiv a^{\phi(m)-1} \cdot b$
$\phi(m) = \phi(18) = 6$
$x \equiv a^{\phi(m)-1} \cdot b = 11^5 \cdot 5 = 805255 \bmod 18$
and so:
$x = 805255 \equiv 7 \pmod{18}$
Therefore:
$11 \cdot 7 = 77 \equiv 5 \pmod{18}$


If $a \cdot x \equiv 1 \pmod{m}$ has a solution, then gcd(a,m)=1 and
$a \cdot x + m \cdot y = 1$ for some $x, y \in \mathbb{Z}$.

Proof:
If $a \cdot x \equiv 1 \pmod{m}$ has a solution, we must have:
$m \mid (1 - a \cdot x)$ (5.1-42)
so that:
$1 - a \cdot x = m \cdot y$ (5.1-43)
or
$a \cdot x + m \cdot y = 1$ (5.1-44)

Any common factor of a and m must also be a factor of 1.
Therefore gcd(a,m)=1, and we have:
$a \cdot x + m \cdot y = \gcd(a,m) = 1$ (5.1-45)
which is Bézout’s identity (see Proposition 2.1-11). ■


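If $c \mid a$, $c \mid b$, and $c \mid m$, then $a \cdot x \equiv b \pmod{m}$ if and only if:

$\dfrac{a}{c} \cdot x \equiv \dfrac{b}{c} \pmod{\dfrac{m}{c}}$

Proof:

If

$a \cdot x \equiv b \pmod{m}$ (5.1-46)

then from Proposition 4.1-10, we can divide by c:

$\dfrac{a}{c} \cdot x \equiv \dfrac{b}{c} \pmod{\dfrac{m}{c}}$ (5.1-47)

Conversely, if:

$\dfrac{a}{c} \cdot x \equiv \dfrac{b}{c} \pmod{\dfrac{m}{c}}$ (5.1-48)

then from Proposition 4.1-6, we can multiply by c:

$a \cdot x \equiv b \pmod{m}$ (5.1-49)


If gcd(c,m)=1 and $c \mid a$ and $c \mid b$, then $a \cdot x \equiv b \pmod{m}$ if and
only if:

$\dfrac{a}{c} \cdot x \equiv \dfrac{b}{c} \pmod{m}$

Proof:

Since gcd(c,m)=1, we know from Proposition 4.1-15 that a
multiplicative inverse $c^{-1}$ of c modulo m exists. If we have:

$a \cdot x \equiv b \pmod{m}$ (5.1-50)

we can then multiply by $c^{-1}$:

$c^{-1} \cdot a \cdot x \equiv c^{-1} \cdot b \pmod{m}$ (5.1-51)

Using $a = c \cdot \dfrac{a}{c}$ and $b = c \cdot \dfrac{b}{c}$, equation (5.1-51) becomes:

$(c^{-1} \cdot c) \cdot \dfrac{a}{c} \cdot x \equiv (c^{-1} \cdot c) \cdot \dfrac{b}{c} \pmod{m}$ (5.1-52)

$\dfrac{a}{c} \cdot x \equiv \dfrac{b}{c} \pmod{m}$ (5.1-53)

Conversely, if:

$\dfrac{a}{c} \cdot x \equiv \dfrac{b}{c} \pmod{m}$ (5.1-54)

we can multiply by c to obtain:

$a \cdot x \equiv b \pmod{m}$ (5.1-55)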


5.1.3 METHODS OF SOLVING LINEAR CONGRUENCES

Solution methods for linear congruences having the form
$a \cdot x \equiv b \pmod{m}$ include:

1. For small modulus m, direct testing of all integers
$x = 1,2,3,\ldots,m-1$ (see Examples 5.1-1, 5.1-2, and
5.1-3).

2. Adding multiples of the modulus m until it is
possible to cancel the coefficient a (see Examples
5.1-5 and 5.1-6).

3. If one solution can be found, then Proposition 5.1-3
can be used to find the remaining solutions (see
Examples 5.1-7, 5.1-8, 5.1-9, and 5.1-10).

4. Calculating the multiplicative inverse and using
Propositions 5.1-5 and 5.1-6 (see Examples 5.1-11 and
5.1-12).

5. Divide using the coefficient a (see Examples 5.1-13
and 5.1-14).
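The existence test of Proposition 5.1-1 and the solution count of Proposition 5.1-3 combine into a single routine. The Python code below is an added example, not code from the book; the function names are chosen here, and the extended Euclidean step plays the role of the back-substitution shown in Example 5.1-9.

```python
def extended_gcd(a, b):
    """Return (g, u, v) with g = gcd(a, b) and a*u + b*v = g (Bezout's identity)."""
    old_r, r = a, b
    old_u, u = 1, 0
    old_v, v = 0, 1
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_u, u = u, old_u - q * u
        old_v, v = v, old_v - q * v
    return old_r, old_u, old_v


def solve_linear_congruence(a, b, m):
    """Return every least residue x (0 <= x < m) with a*x ≡ b (mod m), ascending.

    The list is empty when gcd(a, m) does not divide b (Proposition 5.1-1);
    otherwise it has exactly gcd(a, m) entries spaced m/gcd(a, m) apart
    (Proposition 5.1-3).
    """
    if m <= 0:
        raise ValueError("modulus must be a natural number")
    a %= m
    b %= m
    d, u, _ = extended_gcd(a, m)      # a*u + m*v = d, so a*u ≡ d (mod m)
    if b % d != 0:
        return []                     # gcd(a, m) does not divide b: no solution
    step = m // d
    x0 = (u * (b // d)) % step        # least residue modulo m/d
    return [x0 + k * step for k in range(d)]


def brute_force(a, b, m):
    """Method 1 of the list above: test every residue class directly."""
    return [x for x in range(m) if (a * x - b) % m == 0]


if __name__ == "__main__":
    # Congruences taken from Examples 5.1-1, 5.1-2, 5.1-3, 5.1-8, 5.1-9 and 5.1-10.
    cases = [(3, 4, 7), (3, 1, 6), (4, 4, 8), (12, 24, 9), (129, 36, 171), (6, 24, 60)]
    for a, b, m in cases:
        roots = solve_linear_congruence(a, b, m)
        assert roots == brute_force(a, b, m)
        print(f"{a}*x ≡ {b} (mod {m}): {roots}")
```
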


5.2 SYSTEMS OF LINEAR CONGRUENCES 


A system of linear congruences in a single variable has the form:

$a_1 \cdot x \equiv b_1 \pmod{m_1}$
$a_2 \cdot x \equiv b_2 \pmod{m_2}$
$a_3 \cdot x \equiv b_3 \pmod{m_3}$
$\vdots$
$a_n \cdot x \equiv b_n \pmod{m_n}$

Such a system represents n simultaneous linear congruences.
Systems of linear congruences are encountered in situations
where events or groupings occur with different periodicities.

In this Section we will consider solutions of systems of
linear congruences in a single variable. A solution of a system
of linear congruences must simultaneously solve all the
congruences of the system.

For the system of linear congruences to have a solution,
each individual congruence must have a solution. This means
that if $d_k = \gcd(a_k, m_k)$, we must have $d_k \mid b_k$ for all k as required
by Proposition 5.1-1. We then have $d_k \mid a_k$, $d_k \mid b_k$ and $d_k \mid m_k$ for
all k. From Proposition 4.1-10 we see that the factor $d_k$ can be
cancelled for each of the congruences given above:

$a'_1 \cdot x \equiv b'_1 \pmod{m'_1}$
$a'_2 \cdot x \equiv b'_2 \pmod{m'_2}$
$a'_3 \cdot x \equiv b'_3 \pmod{m'_3}$
$\vdots$
$a'_n \cdot x \equiv b'_n \pmod{m'_n}$

where $a'_k = a_k/d_k$, $b'_k = b_k/d_k$, and $m'_k = m_k/d_k$. We then have
$\gcd(a'_k, m'_k) = 1$ for all k (see Proposition 2.1-10).

If the moduli $m_k$ in a system of linear congruences are not
pairwise relatively prime, then solutions of the system of
congruences may or may not exist. Any pair of congruences
having moduli that are not relatively prime impose two
separate conditions on a solution for one given modulus. If
these conditions are not compatible, then no solution can exist
(see Example 5.2-1).


Example 5.2-1 
Can the following system of linear congruences be solved?

$4 \cdot x \equiv 2 \pmod{6}$
$20 \cdot x \equiv 8 \pmod{12}$

Solution:

We see that $\gcd(6,12) \neq 1$. Using Proposition 4.1-10, we can
simplify the congruences by dividing using the greatest
common divisors:

$2 \cdot x \equiv 1 \pmod{3}$
$5 \cdot x \equiv 2 \pmod{3}$

This system of simultaneous linear congruences has no
solution since the solutions of the individual congruences are
incompatible: $x \equiv 2 \pmod{3}$ and $x \equiv 1 \pmod{3}$.


Example 5.2-2 


Solve the following system of linear congruences: 


If for $1 \le k \le n$ the moduli $m_k$ are pairwise relatively prime in
the linear system of congruences $a_k \cdot x \equiv b_k \pmod{m_k}$, and if
$\gcd(a_k, m_k) = 1$, then the system $a_k \cdot x \equiv b_k \pmod{m_k}$ is
equivalent to the system $x \equiv a_k^{-1} \cdot b_k \pmod{m_k}$.

Proof:

We are given a system of linear congruences:

$a_k \cdot x \equiv b_k \pmod{m_k}$ (5.2-1)

where $1 \le k \le n$. Since $\gcd(a_k, m_k) = 1$, by Proposition 4.1-15 we
know that a unique integer $a_k^{-1}$ exists such that:

$a_k \cdot a_k^{-1} \equiv 1 \pmod{m_k}$ (5.2-2)

Multiplying equation (5.2-1) by $a_k^{-1}$, we have:

$a_k \cdot a_k^{-1} \cdot x \equiv a_k^{-1} \cdot b_k \pmod{m_k}$ (5.2-3)
or
$x \equiv a_k^{-1} \cdot b_k \pmod{m_k}$ (5.2-4)

Letting $c_k = a_k^{-1} \cdot b_k$, we obtain the system of simultaneous linear
congruences:

$x \equiv c_1 \pmod{m_1}$
$x \equiv c_2 \pmod{m_2}$
$x \equiv c_3 \pmod{m_3}$
$\vdots$
$x \equiv c_n \pmod{m_n}$

A system of linear congruences can be solved by solving
the first congruence for x and substituting this value into the
second congruence and simplifying. Continuing this same
procedure for all the remaining congruences, the solution of the
entire system of congruences can be found. This iterative
procedure is shown in the following two examples. If the
moduli of the congruences are not pairwise relatively prime,
then it is necessary to check that the congruences are consistent.


Example 5.2-3 


Solve the following system of linear congruences:

$x \equiv 3 \pmod{5}$
$x \equiv 5 \pmod{7}$

Solution:

We have gcd(5,7)=1. The first congruence is equivalent to:
$x = 3 + k \cdot 5$

This value of x must be equal to the second congruence:
$x = 3 + k \cdot 5 \equiv 5 \pmod{7}$

We then have:
$k \cdot 5 \equiv 2 \pmod{7}$

Adding $4 \cdot 7 = 28$ to 2, we have:
$k \cdot 5 \equiv 30 \pmod{7}$

Since gcd(5,7)=1, we can divide by 5:
$k \equiv 6 \pmod{7}$

and so:

$x = 3 + k \cdot 5 = 3 + 6 \cdot 5 = 33 \pmod{7}$

We then have:
$33 \equiv 3 \pmod{5}$
$33 \equiv 5 \pmod{7}$

as was found in Example 5.2-2.


Example 5.2-4 


Solve the following system of linear congruences:

$4 \cdot x \equiv 1 \pmod{3}$
$6 \cdot x \equiv 3 \pmod{5}$
$3 \cdot x \equiv 4 \pmod{11}$

Solution:

By inspection, we see that the solutions of the individual
congruences above are:

$x \equiv 1 \pmod{3}$
$x \equiv 3 \pmod{5}$
$x \equiv 5 \pmod{11}$

For the moduli, we have: gcd(3,5)=1, gcd(5,11)=1, and
gcd(3,11)=1, and so the moduli of the congruences are
pairwise relatively prime.

The first congruence states that we have:
$x = 1 + k_1 \cdot 3$

This value of x must be equal to the second congruence:
$1 + k_1 \cdot 3 \equiv 3 \pmod{5}$
We then have:
$k_1 \equiv 4 \pmod{5}$
or
$k_1 = 4 + k_2 \cdot 5$
and so:
$x = 1 + k_1 \cdot 3 = 1 + 3 \cdot (4 + k_2 \cdot 5) = 13 + k_2 \cdot 15$
This value of x must be equal to the third congruence:
$13 + k_2 \cdot 15 \equiv 5 \pmod{11}$
We then have:
$k_2 \equiv -2 \pmod{11}$
or
$k_2 = -2 + k_3 \cdot 11$
and so:
$x = 13 + k_2 \cdot 15 = 13 + 15 \cdot (-2 + k_3 \cdot 11) = -17 + k_3 \cdot 165$
Therefore:
$x \equiv -17 \pmod{165}$
or, adding 165 to -17:

$x \equiv 148 \pmod{165}$

Note that 165 equals the product of the three moduli 3, 5, and
11.

The solution of the system of three linear congruences is then:

$x \equiv 148 \pmod{165}$

and we have:

$148 \equiv 1 \pmod{3}$
$148 \equiv 3 \pmod{5}$
$148 \equiv 5 \pmod{11}$


A solution exists for the system of simultaneous linear
congruences:

$x \equiv r_1 \pmod{m_1}$
$x \equiv r_2 \pmod{m_2}$

if and only if $\gcd(m_1,m_2) \mid (r_2 - r_1)$. If a solution exists, it has the
form $x \equiv x_0 \pmod{\operatorname{lcm}(m_1,m_2)}$.

Proof:
From $x \equiv r_1 \pmod{m_1}$ we can write:

$x = r_1 + k \cdot m_1$ (5.2-5)

Using $x \equiv r_2 \pmod{m_2}$ we have:

$r_1 + k \cdot m_1 \equiv r_2 \pmod{m_2}$ (5.2-6)
or
$k \cdot m_1 \equiv (r_2 - r_1) \pmod{m_2}$ (5.2-7)

This is a linear congruence with k as the unknown. From
Proposition 5.1-1, equation (5.2-7) has a solution if and only if
$\gcd(m_1,m_2) \mid (r_2 - r_1)$.

If a solution exists for the congruence in equation (5.2-7),
from Proposition 5.1-3 we know that k will be given by:

$k = k_0 + j \cdot \dfrac{m_2}{\gcd(m_1,m_2)} \qquad (0 \le j \le \gcd(m_1,m_2) - 1)$ (5.2-8)

From equation (5.2-5) we then have:

$x = r_1 + k_0 \cdot m_1 + j \cdot \dfrac{m_1 \cdot m_2}{\gcd(m_1,m_2)}$ (5.2-9)

Letting $x_0 = r_1 + k_0 \cdot m_1$, equation (5.2-9) becomes:

$x = x_0 + j \cdot \dfrac{m_1 \cdot m_2}{\gcd(m_1,m_2)}$ (5.2-10)

From Proposition 2.9-2 we have:

$\dfrac{m_1 \cdot m_2}{\gcd(m_1,m_2)} = \operatorname{lcm}(m_1,m_2)$ (5.2-11)

and so we have:

$x = x_0 + j \cdot \operatorname{lcm}(m_1,m_2)$ (5.2-12)
or
$x \equiv x_0 \pmod{\operatorname{lcm}(m_1,m_2)}$ (5.2-13)


In 1247 Ch’in Chiu-Shao published a method for solving
simultaneous linear congruences in a single variable. This
method, which is now known as the Chinese remainder
theorem, is thought to originally have been developed by
Sun-Tsŭ in the first century (see Dickson, 1919b). The Chinese
remainder theorem provides an algorithm for solving the types
of problems presented in Examples 5.2-1, 5.2-2, and 5.2-3.


If $m_1, m_2, m_3, \ldots, m_n$ are positive integers that are pairwise
relatively prime so that $\gcd(m_i, m_k) = 1$ for $i \neq k$, then the
system of simultaneous linear congruences:

$x \equiv r_1 \pmod{m_1}$
$x \equiv r_2 \pmod{m_2}$
$x \equiv r_3 \pmod{m_3}$ (5.2-14)
$\vdots$
$x \equiv r_n \pmod{m_n}$

has a single unique solution modulo $M = m_1 \cdot m_2 \cdot m_3 \cdots m_n$
which is given by:

$x \equiv r_1 \cdot M_1 \cdot y_1 + r_2 \cdot M_2 \cdot y_2 + \cdots + r_n \cdot M_n \cdot y_n \pmod{M}$

where $M_k = M/m_k$ and $y_k \equiv M_k^{-1} \bmod m_k$.


Proof:
Let
$M = m_1 \cdot m_2 \cdot m_3 \cdots m_n$ (5.2-15)
and
$M_k = \dfrac{M}{m_k} = m_1 \cdot m_2 \cdot m_3 \cdots m_{k-1} \cdot m_{k+1} \cdots m_n$ (5.2-16)

for each $k = 1,2,\ldots,n$. We see that $m_k$ does not appear in the
product $M_k$. Since $\gcd(m_i, m_k) = 1$ for $i \neq k$, we also have
$\gcd(M_k, m_k) = 1$ since $m_k$ is not one of the factors of $M_k$.
Therefore, from Proposition 5.1-2 we see that it is possible to
solve the congruence:

$M_k \cdot y_k \equiv 1 \pmod{m_k}$ (5.2-17)

to obtain a unique solution $y_k$. Each such solution $y_k$ is the
multiplicative inverse (see Proposition 4.1-15) of $M_k$ modulo
$m_k$:

$y_k \equiv M_k^{-1} \bmod m_k$ (5.2-18)

We can multiply equation (5.2-17) by $r_k$ to obtain:

$r_k \cdot M_k \cdot y_k \equiv r_k \pmod{m_k}$ (5.2-19)

and so $r_k \cdot M_k \cdot y_k$ is a solution of the k’th congruence in the
system of congruences given in equation (5.2-14). Therefore we
can write for an individual k:

$x_k \equiv r_k \cdot M_k \cdot y_k \pmod{m_k}$ (5.2-20)

Since $y_k \equiv M_k^{-1} \bmod m_k$, equation (5.2-20) becomes:

$x_k \equiv r_k \cdot M_k \cdot M_k^{-1} \equiv r_k \cdot 1 \equiv r_k \pmod{m_k}$ (5.2-21)

for any k, where $x_k$ is a solution of the k’th congruence.

Now for any $i \neq k$ we will have $M_i \equiv 0 \pmod{m_k}$ since
$m_k \mid M_i$ when $i \neq k$. This means that it is possible to construct a
solution $x_0$ to the entire set of linear simultaneous congruences
by summing all the individual solutions:

$x_0 \equiv r_1 \cdot M_1 \cdot y_1 + r_2 \cdot M_2 \cdot y_2 + \cdots + r_n \cdot M_n \cdot y_n \pmod{M}$ (5.2-22)

We will now show that this solution is unique modulo
$m_1 \cdot m_2 \cdot m_3 \cdots m_n$. If we assume that $x_0$ and $x_1$ are two
solutions of the set of linear simultaneous congruences, then we
have:

$x_1 \equiv r_k \pmod{m_k} \qquad x_0 \equiv r_k \pmod{m_k}$ (5.2-23)
or
$x_1 - x_0 \equiv 0 \pmod{m_k}$ (5.2-24)

for all k such that $1 \le k \le n$, and so:

$x_1 - x_0 \equiv 0 \pmod{m_1 \cdot m_2 \cdot m_3 \cdots m_n}$ (5.2-25)

according to Proposition 4.1-12 since $\gcd(m_i, m_k) = 1$ for $i \neq k$.
Therefore:

$x_1 - x_0 \equiv 0 \pmod{M}$ (5.2-26)
or
$x_1 \equiv x_0 \pmod{M}$ (5.2-27)

This means that the solution given in equation (5.2-22) is
unique modulo M. ■

If $\gcd(m_i, m_k) \neq 1$ for $i \neq k$, a system of simultaneous linear
congruences may or may not have a solution.


Example 5.2-5 


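Solve the following system of linear congruences:

$x \equiv 3 \pmod{5}$
$x \equiv 5 \pmod{7}$

Solution:

We have gcd(5,7)=1. We are searching for an integer $x_0$ that
solves two congruences having the form:

$x \equiv r_k \pmod{m_k}$

We can write:

$M = m_1 \cdot m_2 = 5 \cdot 7 = 35$
$M_1 = \dfrac{M}{m_1} = \dfrac{35}{5} = 7$
$M_2 = \dfrac{M}{m_2} = \dfrac{35}{7} = 5$

Using $M_k \cdot y_k \equiv 1 \pmod{m_k}$:

$7 \cdot y_1 \equiv 1 \pmod{5} \;\Rightarrow\; y_1 \equiv 3 \bmod 5$
$5 \cdot y_2 \equiv 1 \pmod{7} \;\Rightarrow\; y_2 \equiv 3 \bmod 7$

We can use:

$x_0 \equiv r_1 \cdot M_1 \cdot y_1 + r_2 \cdot M_2 \cdot y_2 \pmod{M}$
to obtain:
$x_0 \equiv 3 \cdot 7 \cdot 3 + 5 \cdot 5 \cdot 3 \pmod{35}$
or
$x_0 \equiv 138 \equiv 33 \pmod{35}$
The individual congruences then become:
$33 \equiv 3 \pmod{5} \qquad 33 \equiv 5 \pmod{7}$

as was found in Examples 5.2-2 and 5.2-3.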


Example 5.2-6 


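What natural number leaves a remainder of 1 when divided
by 3, a remainder of 3 when divided by 5, and a remainder of
5 when divided by 11?

Solution:

We are searching for a natural number x that solves three
congruences having the form $x \equiv r_k \pmod{m_k}$:

$x \equiv 1 \pmod{3}$
$x \equiv 3 \pmod{5}$
$x \equiv 5 \pmod{11}$

We also have gcd(3,5)=1, gcd(5,11)=1, and gcd(3,11)=1. We
can write:

$M = m_1 \cdot m_2 \cdot m_3 = 3 \cdot 5 \cdot 11 = 165$
$M_1 = \dfrac{M}{m_1} = \dfrac{165}{3} = 55$
$M_2 = \dfrac{M}{m_2} = \dfrac{165}{5} = 33$
$M_3 = \dfrac{M}{m_3} = \dfrac{165}{11} = 15$

Using $M_k \cdot y_k \equiv 1 \pmod{m_k}$:

$55 \cdot y_1 \equiv 1 \pmod{3} \;\Rightarrow\; y_1 \equiv 1 \bmod 3$
$33 \cdot y_2 \equiv 1 \pmod{5} \;\Rightarrow\; y_2 \equiv 2 \bmod 5$
$15 \cdot y_3 \equiv 1 \pmod{11} \;\Rightarrow\; y_3 \equiv 3 \bmod 11$

We can use:
$x_0 \equiv r_1 \cdot M_1 \cdot y_1 + r_2 \cdot M_2 \cdot y_2 + r_3 \cdot M_3 \cdot y_3 \pmod{M}$

to obtain:

$x_0 \equiv 1 \cdot 55 \cdot 1 + 3 \cdot 33 \cdot 2 + 5 \cdot 15 \cdot 3 \pmod{165}$
or
$x_0 \equiv 478 \equiv 148 \pmod{165}$

The individual congruences then become:
$148 \equiv 1 \pmod{3}$
$148 \equiv 3 \pmod{5}$
$148 \equiv 5 \pmod{11}$

as was found in Example 5.2-4. Note that only one term of $x_0$
is nonzero for each modulus $m_k$:

$1 \cdot 55 \cdot 1 = 55 \equiv 1 \pmod{3}$
$1 \cdot 55 \cdot 1 = 55 \equiv 0 \pmod{5}$
$1 \cdot 55 \cdot 1 = 55 \equiv 0 \pmod{11}$

$3 \cdot 33 \cdot 2 = 198 \equiv 0 \pmod{3}$
$3 \cdot 33 \cdot 2 = 198 \equiv 3 \pmod{5}$
$3 \cdot 33 \cdot 2 = 198 \equiv 0 \pmod{11}$

$5 \cdot 15 \cdot 3 = 225 \equiv 0 \pmod{3}$
$5 \cdot 15 \cdot 3 = 225 \equiv 0 \pmod{5}$
$5 \cdot 15 \cdot 3 = 225 \equiv 5 \pmod{11}$

Therefore the solution of the system of linear congruences
satisfies each individual congruence.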


A linear congruence $a \cdot x \equiv b \pmod{m}$ having a modulus m
that is a large composite number can be solved with the
Chinese remainder theorem. From the prime factorization of m:

$m = p_1^{\alpha_1} \cdot p_2^{\alpha_2} \cdots p_n^{\alpha_n}$ (5.2-28)

we know that $m \mid (a \cdot x - b)$ if and only if $p_k^{\alpha_k} \mid (a \cdot x - b)$ for
$1 \le k \le n$. Therefore solutions of the original congruence
$a \cdot x \equiv b \pmod{m}$ are the same as solutions of the system of
simultaneous linear congruences:

$a \cdot x \equiv b \pmod{p_1^{\alpha_1}}$
$a \cdot x \equiv b \pmod{p_2^{\alpha_2}}$
$\vdots$
$a \cdot x \equiv b \pmod{p_n^{\alpha_n}}$ (5.2-29)

Since the moduli of these simultaneous linear congruences
are much smaller than m, they may be easier to individually
solve than the original congruence. The Chinese remainder
theorem can then be used to obtain the solution of the set of
equations (5.2-29) and so of the congruence $a \cdot x \equiv b \pmod{m}$.
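The two-congruence criterion proved earlier in this section (solvable exactly when gcd(m_1, m_2) divides r_2 - r_1, with the answer taken modulo lcm(m_1, m_2)), the Chinese remainder formula with M_k and y_k, and the prime-power split just described can be exercised together. The Python code below is an added example, not code from the book; the function names are chosen here, and Python 3.8 or later is assumed for `pow(x, -1, m)` and `math.prod`.

```python
from math import gcd, prod


def merge_pair(r1, m1, r2, m2):
    """Combine x ≡ r1 (mod m1) and x ≡ r2 (mod m2).

    Returns (x0, lcm(m1, m2)), or None when gcd(m1, m2) does not divide r2 - r1.
    """
    g = gcd(m1, m2)
    if (r2 - r1) % g != 0:
        return None                      # the two conditions are incompatible
    # Solve k*m1 ≡ r2 - r1 (mod m2) after cancelling g from all three terms.
    m1_red, m2_red = m1 // g, m2 // g
    inv = pow(m1_red, -1, m2_red) if m2_red > 1 else 0
    k = ((r2 - r1) // g * inv) % m2_red
    lcm = m1 * m2_red
    return (r1 + k * m1) % lcm, lcm


def solve_system(residues, moduli):
    """Fold merge_pair over the whole system; the moduli need not be coprime."""
    x, m = 0, 1
    for r, n in zip(residues, moduli):
        merged = merge_pair(x, m, r % n, n)
        if merged is None:
            return None
        x, m = merged
    return x, m


def crt_formula(residues, moduli):
    """x0 = sum of r_k * M_k * y_k (mod M); needs pairwise relatively prime moduli."""
    M = prod(moduli)
    total = 0
    for r, m in zip(residues, moduli):
        M_k = M // m
        y_k = pow(M_k, -1, m)            # raises ValueError if gcd(M_k, m) != 1
        total += r * M_k * y_k
    return total % M, M


def solve_composite(a, b, prime_powers):
    """Solve a*x ≡ b (mod m), gcd(a, m) = 1, where m is the product of prime_powers."""
    residues = [(b * pow(a, -1, q)) % q for q in prime_powers]
    return crt_formula(residues, prime_powers)


if __name__ == "__main__":
    print(solve_system([3, 5], [5, 7]))            # Examples 5.2-3 and 5.2-5
    print(crt_formula([1, 3, 5], [3, 5, 11]))      # Examples 5.2-4 and 5.2-6
    print(solve_system([2, 1], [3, 3]))            # reduced system of Example 5.2-1
    print(solve_system([2, 8], [6, 9]))            # constructed case with gcd(6, 9) = 3
    print(solve_composite(3, 5, [25, 7, 11]))      # congruence of Example 5.2-7
```
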


Example 5.2-7 
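Find all solutions of $3 \cdot x \equiv 5 \pmod{1925}$.

Solution:

The prime factorization of 1925 is:
$1925 = 5^2 \cdot 7 \cdot 11$

Writing $3 \cdot x \equiv 5 \pmod{1925}$ as a set of simultaneous linear
congruences, we have:
$3 \cdot x \equiv 5 \pmod{5^2}$
$3 \cdot x \equiv 5 \pmod{7}$
$3 \cdot x \equiv 5 \pmod{11}$

or

$3 \cdot x \equiv 5 \pmod{25}$
$3 \cdot x \equiv 5 \pmod{7}$
$3 \cdot x \equiv 5 \pmod{11}$

We also have gcd(25,7) = gcd(7,11) = 1 and gcd(11,25) = 1.
Using the method given in Example 5.1-6, we have:

$3 \cdot x = 5 + k \cdot 25 \;\Rightarrow\; x = \dfrac{5 + k \cdot 25}{3}$
$x \equiv 10 \pmod{25}$

$3 \cdot x = 5 + k \cdot 7 \;\Rightarrow\; x = \dfrac{5 + k \cdot 7}{3}$
$x \equiv 4 \pmod{7}$

$3 \cdot x = 5 + k \cdot 11 \;\Rightarrow\; x = \dfrac{5 + k \cdot 11}{3}$
$x \equiv 9 \pmod{11}$

We can write:
$M = m_1 \cdot m_2 \cdot m_3 = 25 \cdot 7 \cdot 11 = 1925$
$M_1 = \dfrac{M}{m_1} = \dfrac{1925}{25} = 77$
$M_2 = \dfrac{M}{m_2} = \dfrac{1925}{7} = 275$
$M_3 = \dfrac{M}{m_3} = \dfrac{1925}{11} = 175$

Using $M_k \cdot y_k \equiv 1 \pmod{m_k}$:

$77 \cdot y_1 \equiv 1 \pmod{25} \;\Rightarrow\; y_1 \equiv 13 \bmod 25$
$275 \cdot y_2 \equiv 1 \pmod{7} \;\Rightarrow\; y_2 \equiv 4 \bmod 7$
$175 \cdot y_3 \equiv 1 \pmod{11} \;\Rightarrow\; y_3 \equiv 10 \bmod 11$

We can use:

$x_0 \equiv r_1 \cdot M_1 \cdot y_1 + r_2 \cdot M_2 \cdot y_2 + r_3 \cdot M_3 \cdot y_3 \pmod{M}$

to obtain:
$x_0 \equiv 10 \cdot 77 \cdot 13 + 4 \cdot 275 \cdot 4 + 9 \cdot 175 \cdot 10 \pmod{1925}$
or
$x_0 \equiv 10010 + 4400 + 15750 \pmod{1925}$
Therefore:
$x_0 \equiv 30160 \equiv 1285 \pmod{1925}$
and so $3 \cdot x \equiv 5 \pmod{1925}$ becomes:
$3 \cdot 1285 \equiv 5 \pmod{1925}$

The individual congruences then become:
$1285 \equiv 10 \pmod{25}$
$1285 \equiv 4 \pmod{7}$
$1285 \equiv 9 \pmod{11}$


5.3 LINEAR CONGRUENCES IN TWO VARIABLES

Linear algebraic equations in two variables have the form:

$a \cdot x + b \cdot y = c$ (5.3-1)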


where the values of x and y are unknown. Of course x, y, a, 
b, and c are not necessarily integers for linear algebraic 
equations. 

Linear congruence equations in two variables have the form:

$a \cdot x + b \cdot y \equiv c \pmod{m}$ (5.3-2)

where $x, y, a, b, c \in \mathbb{Z}$ and $m \in \mathbb{N}$.
If $x = x_0$ and $y = y_0$ is a solution of $a \cdot x + b \cdot y \equiv c \pmod{m}$,
then we will have:

$a \cdot x_0 + b \cdot y_0 \equiv c \pmod{m}$ (5.3-3)

and $x = x_0 + j \cdot m$ and $y = y_0 + k \cdot m$ will also be solutions of
equation (5.3-2). Such a set of solutions is considered to be just
the single solution $x = x_0$ and $y = y_0$. Therefore we see that the
uniqueness of any solution of a linear congruence equation in
two variables must be understood to be modulo m.

In this Section we will consider criteria for the existence of
solutions of linear congruence equations in two variables and
methods to solve such equations.


The linear congruence $a \cdot x + b \cdot y \equiv c \pmod{m}$ has solutions if
and only if $\gcd(a,b,m) \mid c$.

Proof:
We are given:

$a \cdot x + b \cdot y \equiv c \pmod{m}$ (5.3-4)
which can be written as:

$b \cdot y \equiv c - a \cdot x \pmod{m}$ (5.3-5)
From Proposition 5.1-1 we see equation (5.3-5) has a solution if
and only if $\gcd(b,m) \mid (c - a \cdot x)$, which can be written as:

$a \cdot x \equiv c \pmod{\gcd(b,m)}$ (5.3-6)
Using Proposition 5.1-1 again, we see that equation (5.3-6) has a
solution if and only if $\gcd(a, \gcd(b,m)) \mid c$. We then have using
Proposition 2.1-25:

$\gcd(a, \gcd(b,m)) = \gcd(a,b,m)$ (5.3-7)

Therefore $a \cdot x + b \cdot y \equiv c \pmod{m}$ has solutions if and only if
$\gcd(a,b,m) \mid c$. ■


The congruence $a \cdot x + b \cdot y \equiv c \pmod{m}$ has exactly m
incongruent solutions if gcd(a,m)=1 or gcd(b,m)=1.

Proof:

Assume gcd(a,m)=1. Rewriting the congruence:

$a \cdot x + b \cdot y \equiv c \pmod{m}$ (5.3-8)
in the form:
$a \cdot x \equiv c - b \cdot y \pmod{m}$ (5.3-9)

we then see from Proposition 5.1-2 that equation (5.3-9) has
exactly one solution for x for each incongruent value of y.
There are m incongruent values of y modulo m, and so there
must be exactly m incongruent solutions to equation (5.3-8).
Similarly, assume gcd(b,m)=1. Rewriting the congruence
given in equation (5.3-8) in the form:

$b \cdot y \equiv c - a \cdot x \pmod{m}$ (5.3-10)
we then see from Proposition 5.1-2 that equation (5.3-10) has
exactly one solution for y for each incongruent value of x.
There are m incongruent values of x modulo m, and so there
must be exactly m incongruent solutions to equation (5.3-8). ■


Example 5.3-1 
Find all solutions of $2 \cdot x + 3 \cdot y \equiv 7 \pmod{5}$.

Solution:
Since gcd(2,3,5)=1 we know a solution exists for
$2 \cdot x + 3 \cdot y \equiv 7 \pmod{5}$.

Since gcd(2,5)=1, we know from Proposition 5.3-2 that 5
solutions must exist for $2 \cdot x + 3 \cdot y \equiv 7 \pmod{5}$. Rewriting this
congruence as:
$2 \cdot x \equiv 7 - 3 \cdot y \pmod{5}$
As x takes values of 0 to 4, we obtain the 5 solutions (x, y):
(0,4), (1,0), (2,1), (3,2), (4,3)


Example 5.3-2
Find all common solutions of the linear congruences in two
variables:

$x + 2 \cdot y \equiv 2 \pmod{5}$
$3 \cdot x + 4 \cdot y \equiv 0 \pmod{5}$

Solution:

For $x + 2 \cdot y \equiv 2 \pmod{5}$ we have gcd(1,5)=1 and so from
Proposition 5.3-2 we see that this congruence has 5 solutions.
Letting x = 0,1,2,3,4, we find the solutions (x, y):

(0,1), (1,3), (2,0), (3,2), (4,4)

For $3 \cdot x + 4 \cdot y \equiv 0 \pmod{5}$ we have gcd(3,5)=1 and so from
Proposition 5.3-2 we see that this congruence has 5 solutions.
Letting x = 0,1,2,3,4, we find the solutions (x, y):

(0,0), (1,3), (2,1), (3,4), (4,2)

The only common solution of the two congruences is (1,3)
and so x=1 and y=3.


A system of two linear congruence equations in two
variables can be solved using the method of elimination. This
method is illustrated in Example 5.3-3.


Example 5.3-3

Solve the following system of two linear congruence
equations in two variables by the method of elimination.

$x + 2 \cdot y \equiv 2 \pmod{5}$
$3 \cdot x + 4 \cdot y \equiv 0 \pmod{5}$

Solution:

Multiplying the first equation by 3, we have:
$3 \cdot x + 6 \cdot y \equiv 6 \pmod{5}$

Subtracting the second equation from the first:
$2 \cdot y \equiv 6 \pmod{5}$

And so y=3. Using this result in the first equation, we have:
$x + 6 \equiv 2 \pmod{5}$
or
$x \equiv -4 \pmod{5}$

Therefore x=1 and y=3. This is the same result obtained in
Example 5.3-2.


The system of two linear congruences:

$a_1 \cdot x + b_1 \cdot y \equiv c_1 \pmod{m}$
$a_2 \cdot x + b_2 \cdot y \equiv c_2 \pmod{m}$

has a single unique solution modulo m if and only if
$\gcd(a_1 \cdot b_2 - a_2 \cdot b_1, m) = 1$.

Proof:
Assume the system of two linear congruences has a
solution:

$x \equiv x_0 \pmod{m}$ (5.3-11)
$y \equiv y_0 \pmod{m}$ (5.3-12)

We then have:

$a_1 \cdot x_0 + b_1 \cdot y_0 \equiv c_1 \pmod{m}$ (5.3-13)
$a_2 \cdot x_0 + b_2 \cdot y_0 \equiv c_2 \pmod{m}$ (5.3-14)

Multiplying equation (5.3-13) by $b_2$ and equation (5.3-14) by $b_1$:

$a_1 \cdot b_2 \cdot x_0 + b_1 \cdot b_2 \cdot y_0 \equiv b_2 \cdot c_1 \pmod{m}$ (5.3-15)
$a_2 \cdot b_1 \cdot x_0 + b_1 \cdot b_2 \cdot y_0 \equiv b_1 \cdot c_2 \pmod{m}$ (5.3-16)

Subtracting equation (5.3-16) from equation (5.3-15):

$(a_1 \cdot b_2 - a_2 \cdot b_1) \cdot x_0 \equiv (b_2 \cdot c_1 - b_1 \cdot c_2) \pmod{m}$ (5.3-17)

Similarly, we have:

$(a_1 \cdot b_2 - a_2 \cdot b_1) \cdot y_0 \equiv (a_1 \cdot c_2 - a_2 \cdot c_1) \pmod{m}$ (5.3-18)

From Proposition 5.1-2 we then see that the system of two
linear congruences will then have a single unique solution if
and only if $\gcd(a_1 \cdot b_2 - a_2 \cdot b_1, m) = 1$. ■


If the system of two linear congruences:

$a_1 \cdot x + b_1 \cdot y \equiv c_1 \pmod{m}$
$a_2 \cdot x + b_2 \cdot y \equiv c_2 \pmod{m}$

has a single unique solution modulo m, then this solution is:

$x_0 \equiv (a_1 \cdot b_2 - a_2 \cdot b_1)^{-1} \cdot (b_2 \cdot c_1 - b_1 \cdot c_2)$
$y_0 \equiv (a_1 \cdot b_2 - a_2 \cdot b_1)^{-1} \cdot (a_1 \cdot c_2 - a_2 \cdot c_1)$

Proof:

From Proposition 5.3-3 we know that the system of two
linear congruences will have a single unique solution modulo
m if and only if $\gcd(a_1 \cdot b_2 - a_2 \cdot b_1, m) = 1$. From Proposition 5.1-5
and equation (5.3-17) we then have:

$x_0 \equiv (a_1 \cdot b_2 - a_2 \cdot b_1)^{-1} \cdot (b_2 \cdot c_1 - b_1 \cdot c_2)$ (5.3-19)

From Proposition 5.1-5 and equation (5.3-18) we have:

$y_0 \equiv (a_1 \cdot b_2 - a_2 \cdot b_1)^{-1} \cdot (a_1 \cdot c_2 - a_2 \cdot c_1)$ (5.3-20)
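The closed form just proved is Cramer's rule carried out modulo m, and it applies only when the determinant $a_1 \cdot b_2 - a_2 \cdot b_1$ is invertible modulo m. The Python code below is an added example, not code from the book (function names chosen here, Python 3.8 or later assumed for `pow(x, -1, m)`); when the determinant is not invertible it enumerates all residue pairs, which shows the no-solution and many-solution cases the criterion of Proposition 5.3-3 rules out.

```python
from math import gcd


def solve_single(a, b, c, m):
    """All (x, y) least residues with a*x + b*y ≡ c (mod m), sorted.

    Empty unless gcd(a, gcd(b, m)) divides c, the existence test of equation (5.3-7).
    """
    if c % gcd(a, gcd(b, m)) != 0:
        return []
    return [(x, y) for x in range(m) for y in range(m)
            if (a * x + b * y - c) % m == 0]


def solve_two_variable_system(eq1, eq2, m):
    """Solve a1*x + b1*y ≡ c1 and a2*x + b2*y ≡ c2 (mod m).

    eq1 and eq2 are (a, b, c) triples. Returns a sorted list of (x, y) least
    residues: one pair when the determinant is invertible, otherwise whatever
    exhaustive enumeration finds (possibly none, possibly several).
    """
    a1, b1, c1 = eq1
    a2, b2, c2 = eq2
    det = (a1 * b2 - a2 * b1) % m
    if m > 1 and gcd(det, m) == 1:
        det_inv = pow(det, -1, m)
        x0 = det_inv * (b2 * c1 - b1 * c2) % m     # equation (5.3-19)
        y0 = det_inv * (a1 * c2 - a2 * c1) % m     # equation (5.3-20)
        return [(x0, y0)]
    # Determinant shares a factor with m: uniqueness fails, so enumerate.
    return [(x, y) for x in range(m) for y in range(m)
            if (a1 * x + b1 * y - c1) % m == 0
            and (a2 * x + b2 * y - c2) % m == 0]


if __name__ == "__main__":
    print(solve_single(2, 3, 7, 5))                               # Example 5.3-1
    print(solve_two_variable_system((1, 2, 2), (3, 4, 0), 5))     # Examples 5.3-2, 5.3-3
    # Constructed singular systems: determinant 1*4 - 2*2 = 0 modulo 5.
    print(solve_two_variable_system((1, 2, 2), (2, 4, 4), 5))     # five solutions
    print(solve_two_variable_system((1, 2, 2), (2, 4, 0), 5))     # no solution
```
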


Order, Primitive Roots, and 
Indices of Integers 


6.1 THE ORDER OF AN INTEGER 


We will now examine the equation:

$$a^h \equiv 1 \pmod{m} \quad (h \in \mathbb{N}) \tag{6.1-1}$$

and explore some of its congruence properties. We have already considered two special cases of this equation:

1. When $h = p-1$ and $\gcd(a, p) = 1$, where p is a prime number:

$$a^{p-1} \equiv 1 \pmod{p} \tag{6.1-2}$$

This is Fermat's little theorem (Proposition 4.3-2).

2. When $h = \phi(m)$ and $\gcd(a, m) = 1$:

$$a^{\phi(m)} \equiv 1 \pmod{m} \tag{6.1-3}$$

This is Euler’s theorem (Proposition 4.5-1).

From Euler’s theorem and the well-ordering principle we know that a positive integer h does exist such that we obtain the congruence $a^h \equiv 1 \pmod{m}$ when $\gcd(a, m) = 1$. In general, however, neither $h = p-1$ nor $h = \phi(m)$ will be the least positive exponent h that satisfies the congruence in equation (6.1-1).

In this Section we will consider values of h for which equation (6.1-1) is true. In particular, we will consider the least value of $h \in \mathbb{N}$ for which equation (6.1-1) is true.


If and only if $\gcd(a, m) = 1$ will we have:

$$a^h \equiv 1 \pmod{m} \tag{6.1-4}$$

for some $h \in \mathbb{N}$.

Proof:

Let $d = \gcd(a, m)$. If $a^h \equiv 1 \pmod{m}$, then we have:

$$a^h - 1 = k \cdot m \tag{6.1-5}$$

or

$$a^h - k \cdot m = 1 \tag{6.1-6}$$

Since $d \mid a$ and $d \mid m$, we must have $d \mid 1$ and so $a^h \equiv 1 \pmod{m}$ only if:

$$d = 1 = \gcd(a, m) \tag{6.1-7}$$

Conversely, if $\gcd(a, m) = 1$, then from Euler’s theorem we have:

$$a^h \equiv 1 \pmod{m} \tag{6.1-8}$$

where $h = \phi(m)$.


Proposition 6.1-1 leads us to a definition of the order of an integer. If $\gcd(a, m) = 1$ and if h is the smallest positive integer such that:

$$a^h \equiv 1 \pmod{m} \quad (h \in \mathbb{N}) \tag{6.1-9}$$

then the exponent h is defined to be the order of a modulo m:

$$h = \operatorname{ord}_m(a) \tag{6.1-10}$$

and so:

$$a^{\operatorname{ord}_m(a)} \equiv 1 \pmod{m} \tag{6.1-11}$$

If $\gcd(a, m) = 1$, then from Euler’s theorem we have $a^{\phi(m)} \equiv 1 \pmod{m}$, and so we know that $\operatorname{ord}_m(a)$ must exist and must be equal to or smaller than $\phi(m)$. Therefore we have $1 \le \operatorname{ord}_m(a) \le \phi(m)$. Gauss (1801, Article 53) described the order h as “the exponent to which a belongs” modulo m. If a=1, then $1^1 = 1 \equiv 1 \pmod{m}$ for all m and so $\operatorname{ord}_m(1) = 1$.


Example 6.1-1

Find the order of 2 modulo 7.

Solution:

We have gcd(2,7)=1 and so the order of 2 modulo 7 must exist. We search for the smallest value of $h = \operatorname{ord}_7(2)$ to satisfy $2^h \equiv 1 \pmod{7}$.

h=1: $2^1 \equiv 2 \pmod{7}$
h=2: $2^2 = 4 \equiv 4 \pmod{7}$
h=3: $2^3 = 8 \equiv 1 \pmod{7}$
h=4: $2^4 = 16 \equiv 2 \pmod{7}$
h=5: $2^5 = 32 \equiv 4 \pmod{7}$
h=6: $2^6 = 64 \equiv 1 \pmod{7}$

Therefore the smallest value of h satisfying the congruence $2^h \equiv 1 \pmod{7}$ is h=3, and so 2 modulo 7 has order 3:

$$\operatorname{ord}_7(2) = 3$$

Note that $h = 6 = 7-1 = p-1$ and that $a^{p-1} \equiv 1 \pmod{p}$ is simply Fermat’s little theorem.


Example 6.1-2

Find the order of 3 modulo 7.

Solution:

We have gcd(3,7)=1 and so the order of 3 modulo 7 must exist. We search for the smallest value of h to satisfy $3^h \equiv 1 \pmod{7}$.

h=1: $3^1 \equiv 3 \pmod{7}$
h=2: $3^2 = 9 \equiv 2 \pmod{7}$
h=3: $3^3 = 27 \equiv 6 \pmod{7}$
h=4: $3^4 = 81 \equiv 4 \pmod{7}$
h=5: $3^5 = 243 \equiv 5 \pmod{7}$
h=6: $3^6 = 729 \equiv 1 \pmod{7}$

Therefore the smallest value of h satisfying the congruence $3^h \equiv 1 \pmod{7}$ is h=6, and so 3 modulo 7 has order 6:

$$\operatorname{ord}_7(3) = 6$$


Additional examples of $a^h$ modulo 7 are given in Table 6-1.

Table 6-1 Examples of $a^h$ modulo 7 for gcd(a,7)=1.

Calculations of the values for a=2 and a=3 in Table 6-1 are given in Examples 6.1-1 and 6.1-2, respectively. From Table 6-1 we see that the order of a corresponds to the h value of the first column in which 1 appears in the a row. We then find:

a=1 has order 1 modulo 7.
a=2 and a=4 have order 3 modulo 7.
a=3 and a=5 have order 6 modulo 7.
a=6 has order 2 modulo 7.


Values of h given in Table 6-1 include only 1 to 6 since a’ 
modulo 7 forms repeating cycles with a’ = a'*"*”)(mod7). These 
cycles are never longer than the modulus 7. 

There are no orders h=4 or 5 for any integers modulo 7. Finally, we note that the column for $h = 6 = \phi(7)$ in Table 6-1 contains 1 for every a. This is just $a^{\phi(m)} \equiv 1 \pmod{m}$ which is Euler’s theorem. Only for a=3 and a=5 is $\operatorname{ord}_7(a) = \phi(7)$, however.


Example 6.1-3 


Show that: 
3° = 3°(mod7) 


Solution: 


Since 7 is prime, we have: 


If $a \equiv b \pmod{m}$, then a and b have the same order.

Proof:

Let $h = \operatorname{ord}_m(a)$. We then have:

$$a^h \equiv 1 \pmod{m} \tag{6.1-12}$$

Since $a \equiv b \pmod{m}$, from Proposition 4.1-22 we have:

$$a^h \equiv b^h \pmod{m} \tag{6.1-13}$$

and so:

$$a^h \equiv b^h \equiv 1 \pmod{m} \tag{6.1-14}$$

If we had $g < h$ such that $b^g \equiv 1 \pmod{m}$, then from Proposition 4.1-22 we would also have $a^g \equiv 1 \pmod{m}$. Therefore the least positive h such that $a^h \equiv 1 \pmod{m}$ must be the least positive h such that $b^h \equiv 1 \pmod{m}$, and so:

$$h = \operatorname{ord}_m(a) = \operatorname{ord}_m(b) \tag{6.1-15}$$


If $\gcd(a, m) = 1$ and $h = \operatorname{ord}_m(a)$, then $a^k \equiv 1 \pmod{m}$ if and only if $h \mid k$.

Proof:

We are given:

$$a^h \equiv 1 \pmod{m} \tag{6.1-16}$$

If $h \mid k$, then we must have $k = j \cdot h$ for some $j \in \mathbb{N}$. From equation (6.1-16) we can write

$$(a^h)^j \equiv 1^j \equiv 1 \pmod{m} \tag{6.1-17}$$

or

$$(a^h)^j = a^{j \cdot h} = a^k \equiv 1 \pmod{m} \tag{6.1-18}$$

Therefore:

$$a^k \equiv 1 \pmod{m} \tag{6.1-19}$$

Conversely, if $a^k \equiv 1 \pmod{m}$ then since h is the smallest positive integer such that $a^h \equiv 1 \pmod{m}$ we must have $h \le k$. From the division algorithm (Proposition 2.1-4) there must then exist q and r such that $k = q \cdot h + r$ where $q \in \mathbb{N}$ and $0 \le r < h$. Therefore:

$$a^k = (a^h)^q \cdot a^r \equiv 1^q \cdot a^r \equiv 1 \pmod{m} \tag{6.1-20}$$

where we used equation (6.1-16). We then have:

$$a^r \equiv 1 \pmod{m} \tag{6.1-21}$$

Since $0 \le r < h$ and since h is the smallest positive integer such that $a^h \equiv 1 \pmod{m}$, equation (6.1-21) can only be valid if r=0. Therefore we have $k = q \cdot h$ and so $h \mid k$. ■

Note that Proposition 6.1-3 can be used to find all values of k such that $a^k \equiv 1 \pmod{m}$. All values of k must be multiples of $h = \operatorname{ord}_m(a)$ (see Example 6.1-4).


Example 6.1-4

Verify Proposition 6.1-3 for 6 modulo 7 for $3 \le k \le 11$.

Solution:

We have gcd(6,7)=1. We also know that 6 modulo 7 has order h=2 as shown in Table 6-1. We then have:

$$6^2 = 36 \equiv 1 \pmod{7}$$

Testing with k = 3, 4, 5, 6, 7, 8, 9, 10, 11:

$6^3 = 216 \equiv 6 \not\equiv 1 \pmod{7}$
$6^4 = 1296 \equiv 1 \pmod{7}$
$6^5 = 7776 \equiv 6 \not\equiv 1 \pmod{7}$
$6^6 = 46656 \equiv 1 \pmod{7}$
$6^7 = 279936 \equiv 6 \not\equiv 1 \pmod{7}$
$6^8 = 1679616 \equiv 1 \pmod{7}$
$6^9 = 10077696 \equiv 6 \not\equiv 1 \pmod{7}$
$6^{10} = 60466176 \equiv 1 \pmod{7}$
$6^{11} = 362797056 \equiv 6 \not\equiv 1 \pmod{7}$

We see that we have $6^k \equiv 1 \pmod{7}$ where $k = q \cdot h = q \cdot 2$ since $h \mid k$ and $2 \mid 4$, $2 \mid 6$, $2 \mid 8$, and $2 \mid 10$.


If $h = \operatorname{ord}_m(a)$, then $h \mid \phi(m)$.

Proof:

We have $\gcd(a, m) = 1$ since $h = \operatorname{ord}_m(a)$. From Euler’s theorem (Proposition 4.5-1), we then have:
(6.1-22) 
Therefore from Proposition 6.1-3 we have $h \mid \phi(m)$. ■

From Proposition 6.1-4, we see that the search for $h = \operatorname{ord}_m(a)$ can be limited to values of h such that $h \mid \phi(m)$. This makes the search for the order of a number much easier.


Example 6.1-5

Determine $\operatorname{ord}_m(3)$ if m=28.

Solution:

We have gcd(3,28)=1. From Appendix F we also have $\phi(28) = 12$. This means that the only possible values of $h = \operatorname{ord}_m(a)$ must be such that $h \mid 12$. Therefore only h = 1, 2, 3, 4, 6, and 12 need be tested. We calculate $3^h$ modulo 28 until $3^h \equiv 1 \pmod{28}$ is found.

h=1: $3^1 = 3 \equiv 3 \pmod{28}$
h=2: $3^2 = 9 \equiv 9 \pmod{28}$
h=3: $3^3 = 27 \equiv 27 \pmod{28}$
h=4: $3^4 = 81 \equiv 25 \pmod{28}$
h=6: $3^6 = 729 \equiv 1 \pmod{28}$

Therefore:

$$\operatorname{ord}_{28}(3) = 6$$

and the order of 3 modulo 28 is 6.

If $h = \operatorname{ord}_p(a)$ where p is a prime number, then $h \mid p-1$.

Proof:

For a prime number $\phi(p) = p-1$ as given in Proposition 2.10-1. From Proposition 6.1-4, we then have $h \mid p-1$ (also see Proposition 4.3-9). ■

Example 6.1-6

Verify Proposition 6.1-5 using the values listed in Table 6-1 for modulo 7.

Solution:

We have p=7 and $\phi(7) = p-1 = 7-1 = 6$. The orders found for $1 \le a \le 6$ are h = 1, 2, 3, and 6. For all of these values of h we have $h \mid 6$, and so $h \mid (p-1)$. No orders h = 4 or 5 modulo 7 exist.

Proposition 6.1-6:

If $a^h \equiv 1 \pmod{p^k}$ where p is a prime number, then

$$a^h \equiv 1 \pmod{p^{k-1}}$$

Proof:

Since $a^h \equiv 1 \pmod{p^k}$, we have:

$$p^k \mid (a^h - 1) \tag{6.1-23}$$

Therefore we must have:

$$p \cdot p^{k-1} \mid (a^h - 1) \tag{6.1-24}$$

and so:

$$a^h \equiv 1 \pmod{p^{k-1}} \tag{6.1-25}$$


If p and q are odd prime numbers, and if $q \mid (a^p - 1)$, then either $q \mid (a-1)$ or $q = 2 \cdot k \cdot p + 1$ for some positive integer k.

Proof:

Since $q \mid (a^p - 1)$, we have:

$$a^p \equiv 1 \pmod{q} \tag{6.1-26}$$

If $h = \operatorname{ord}_q(a)$, from Proposition 6.1-3 we have $h \mid p$. Therefore h=1 or h=p since p is a prime number.

If h=1, then

$$a^1 \equiv 1 \pmod{q} \tag{6.1-27}$$

and so $q \mid (a-1)$.

If h=p, then from Proposition 6.1-4 we have $p \mid \phi(q)$ and so $p \mid (q-1)$. This means:


fe a (6.1-28) 
for some integer j. Since p and q are odd, j must be even, and so equation (6.1-28) can be rewritten as:

$$q = 2 \cdot k \cdot p + 1 \tag{6.1-29}$$

where k is some positive integer. ■


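If $h \cdot k = \operatorname{ord}_m(a)$, then $k = \operatorname{ord}_m(a^h)$.

Proof:

We are given:

$$h \cdot k = \operatorname{ord}_m(a) \tag{6.1-30}$$

Therefore:

$$a^{h \cdot k} \equiv 1 \pmod{m} \tag{6.1-31}$$

or

$$(a^h)^k \equiv 1 \pmod{m} \tag{6.1-32}$$

and so:

$$\operatorname{ord}_m(a^h) \le k \tag{6.1-33}$$

If $\operatorname{ord}_m(a^h) = g$ where $0 < g \le k$, then:

$$(a^h)^g = a^{h \cdot g} \equiv 1 \pmod{m} \tag{6.1-34}$$

where $h \cdot g \le h \cdot k$. From equations (6.1-30), (6.1-31), and (6.1-34) we see that we must have $g = k = \operatorname{ord}_m(a^h)$ since $h \cdot g$ cannot be smaller than $h \cdot k = \operatorname{ord}_m(a)$. Therefore:

$$k = \operatorname{ord}_m(a^h) \tag{6.1-35}$$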


Proposition 6.1-9:

If $h = \operatorname{ord}_m(a)$, then $a^i \equiv a^j \pmod{m}$ if and only if $i \equiv j \pmod{h}$.

Proof:

Since $h = \operatorname{ord}_m(a)$ then $\gcd(a, m) = 1$ and $a^h \equiv 1 \pmod{m}$. Also since $\gcd(a, m) = 1$ we have $\gcd(a^j, m) = 1$ from Proposition 2.4-11. We can assign i and j so that $0 < j \le i$.

If $a^i \equiv a^j \pmod{m}$, then we can divide by $a^j$ since $\gcd(a^j, m) = 1$ (see Proposition 3.1-5):

$$a^{i-j} \equiv 1 \pmod{m} \tag{6.1-36}$$

From Proposition 6.1-3, we then have $h \mid (i-j)$, and so:

$$i \equiv j \pmod{h} \tag{6.1-37}$$

Conversely, if $i \equiv j \pmod{h}$ then:

$$i = k \cdot h + j \tag{6.1-38}$$

for some $k \in \mathbb{N}$, and

$$a^i = a^{k \cdot h + j} = (a^h)^k \cdot a^j \equiv 1^k \cdot a^j \equiv a^j \pmod{m} \tag{6.1-39}$$

and so:

$$a^i \equiv a^j \pmod{m} \tag{6.1-40}$$


If $h = \operatorname{ord}_m(a)$, then $a, a^2, a^3, \ldots, a^h$ are mutually incongruent modulo m.

Proof:

If $h = \operatorname{ord}_m(a)$, then we have $\gcd(a, m) = 1$. Therefore by Proposition 2.4-11 each power of a is relatively prime to m. We can assign $1 \le j \le i \le h$. If $a^i \equiv a^j \pmod{m}$, then using Proposition 6.1-9 we obtain:

$$i \equiv j \pmod{h} \tag{6.1-41}$$

and so $h \mid (i-j)$. Since $1 \le j \le i \le h$, we have $i-j < h$. Therefore h cannot divide $i-j$ unless $i = j$. We must then have:

$$a^i \not\equiv a^j \pmod{m} \quad \text{if } i \ne j \tag{6.1-42}$$

and so no two different powers of a can have the same residue modulo m. The h elements of the set $\{a, a^2, a^3, \ldots, a^h\}$ are then incongruent modulo m. ■


If $h = \operatorname{ord}_m(a)$, then

$$\operatorname{ord}_m(a^k) = \frac{h}{\gcd(h, k)} = \frac{\operatorname{ord}_m(a)}{\gcd(\operatorname{ord}_m(a), k)}$$

Proof:

We are given:

$$h = \operatorname{ord}_m(a) \tag{6.1-43}$$

so that $\gcd(a, m) = 1$ and:

$$a^h \equiv 1 \pmod{m} \tag{6.1-44}$$

We will let $d = \gcd(h, k)$. We wish to determine g where:

$$g = \operatorname{ord}_m(a^k) \tag{6.1-45}$$

so that

$$(a^k)^g \equiv 1 \pmod{m} \tag{6.1-46}$$

From Proposition 6.1-3 we then have $h \mid k \cdot g$ or:

$$\frac{h}{d} \,\Big|\, \frac{k}{d} \cdot g \tag{6.1-47}$$

Since $d = \gcd(h, k)$ we have from Proposition 2.1-10:

$$\gcd\left(\frac{h}{d}, \frac{k}{d}\right) = 1 \tag{6.1-48}$$

Therefore equation (6.1-47) can be rewritten as $\frac{h}{d} \mid g$.

We can use equation (6.1-44) to write:

$$(a^k)^{h/d} = (a^h)^{k/d} \equiv 1 \pmod{m} \tag{6.1-49}$$

From equation (6.1-45) and Proposition 6.1-3 we then have $g \mid \frac{h}{d}$.

Since we have $\frac{h}{d} \mid g$ and $g \mid \frac{h}{d}$, we then must have $g = \frac{h}{d}$. Therefore we obtain using equation (6.1-45):

$$\operatorname{ord}_m(a^k) = \frac{h}{\gcd(h, k)} = \frac{\operatorname{ord}_m(a)}{\gcd(\operatorname{ord}_m(a), k)} \tag{6.1-50}$$

From Proposition 6.1-11, we see that the order of any integral power of a can always be expressed in terms of the order of a.


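Example 6.1-10

Verify Proposition 6.1-11 by determining $\operatorname{ord}_7(3^2)$ using $\operatorname{ord}_7(3) = 6$.

Solution:

We are given $h = \operatorname{ord}_7(3) = 6$. From Proposition 6.1-11, we have:

$$\operatorname{ord}_7(3^k) = \frac{h}{\gcd(h, k)}$$

and so

$$\operatorname{ord}_7(3^2) = \frac{6}{\gcd(6, 2)} = \frac{6}{2} = 3$$

or

$$\operatorname{ord}_7(3^2) = \operatorname{ord}_7(9) = 3$$

We also have:

$$9 \equiv 2 \pmod{7}$$

Therefore from Proposition 6.1-2:

$$\operatorname{ord}_7(9) = \operatorname{ord}_7(2) = 3$$

From Table 6-1 we see that $\operatorname{ord}_7(2) = 3$ as predicted by Proposition 6.1-11.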


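If $h = \operatorname{ord}_m(a)$, then $h = \operatorname{ord}_m(a^k)$ if and only if $\gcd(h, k) = 1$.

Proof:

If $h = \operatorname{ord}_m(a)$ and $\gcd(h, k) = 1$, then from Proposition 6.1-11 we have:

$$\operatorname{ord}_m(a^k) = \frac{h}{\gcd(h, k)} = \frac{h}{1} = h \tag{6.1-51}$$

Conversely, if $h = \operatorname{ord}_m(a)$ and $h = \operatorname{ord}_m(a^k)$, and if $d = \gcd(h, k)$, then we are given:

$$a^h \equiv 1 \pmod{m} \qquad (a^k)^h \equiv 1 \pmod{m} \tag{6.1-52}$$

From Proposition 6.1-11, we have:

$$(a^k)^h \equiv (a^k)^{h/d} \equiv 1 \pmod{m} \tag{6.1-53}$$

From Proposition 6.1-9, we then have:

$$h \equiv \frac{h}{d} \pmod{h} \tag{6.1-54}$$

But equation (6.1-54) will only be true if $d = 1 = \gcd(h, k)$. ■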


If $h = \operatorname{ord}_m(a)$, then there are exactly $\phi(h)$ elements of the set $\{a, a^2, a^3, \ldots, a^h\}$ which have order h modulo m.

Proof:

From Proposition 6.1-12 we know that $h = \operatorname{ord}_m(a^k)$ if and only if $\gcd(h, k) = 1$. The number of possibilities for $\gcd(h, k) = 1$ is given by $\phi(h)$. ■


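If $a^{h_1} \equiv 1 \pmod{m}$, $a^{h_2} \equiv 1 \pmod{m}$, and $d = \gcd(h_1, h_2)$ where $h_1, h_2 \in \mathbb{N}$, then $a^d \equiv 1 \pmod{m}$.

Proof:

We are given:

$$a^{h_1} \equiv 1 \pmod{m} \tag{6.1-55}$$
$$a^{h_2} \equiv 1 \pmod{m} \tag{6.1-56}$$

From Bézout’s identity (Proposition 2.1-11), we can write:

$$h_1 \cdot u - h_2 \cdot v = d \tag{6.1-57}$$

For this proof we wish u and v to be positive. We can make this happen by adding $h_1 \cdot h_2 \cdot w$ to and subtracting $h_1 \cdot h_2 \cdot w$ from equation (6.1-57):

$$h_1 \cdot u + h_1 \cdot h_2 \cdot w - h_2 \cdot v - h_1 \cdot h_2 \cdot w = d \tag{6.1-58}$$

or

$$h_1 \cdot (u + h_2 \cdot w) - h_2 \cdot (v + h_1 \cdot w) = d \tag{6.1-59}$$

where w is some large positive integer. We can then write equation (6.1-59) as:

$$h_1 \cdot u' - h_2 \cdot v' = d \tag{6.1-60}$$

where $u', v' \in \mathbb{N}$. Raising equation (6.1-55) to the $u'$ power:

$$a^{h_1 \cdot u'} \equiv 1^{u'} \equiv 1 \pmod{m} \tag{6.1-61}$$

Using equations (6.1-60) and (6.1-56):

$$a^{h_1 \cdot u'} = a^{h_2 \cdot v' + d} = (a^{h_2})^{v'} \cdot a^d \equiv 1^{v'} \cdot a^d \equiv a^d \equiv 1 \pmod{m} \tag{6.1-62}$$

■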
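If $\gcd(\operatorname{ord}_m(a), \operatorname{ord}_m(b)) = 1$, then:

$$\operatorname{ord}_m(a) \cdot \operatorname{ord}_m(b) = \operatorname{ord}_m(a \cdot b)$$

Proof:

Let

$$h_1 = \operatorname{ord}_m(a) \tag{6.1-63}$$
$$h_2 = \operatorname{ord}_m(b) \tag{6.1-64}$$

We then have:

$$a^{h_1} \equiv 1 \pmod{m} \tag{6.1-65}$$
$$b^{h_2} \equiv 1 \pmod{m} \tag{6.1-66}$$

Let:

$$k = \operatorname{ord}_m(a \cdot b) \tag{6.1-67}$$

so that:

$$(a \cdot b)^k \equiv 1 \pmod{m} \tag{6.1-68}$$

Using equations (6.1-65) and (6.1-66), we can write:

$$(a^{h_1})^{h_2} \cdot (b^{h_2})^{h_1} = (a \cdot b)^{h_1 \cdot h_2} \equiv 1^{h_2} \cdot 1^{h_1} \equiv 1 \pmod{m} \tag{6.1-69}$$

or

$$(a \cdot b)^{h_1 \cdot h_2} \equiv 1 \pmod{m} \tag{6.1-70}$$

From equations (6.1-67), (6.1-68), and (6.1-70) together with Proposition 6.1-3, we have $k \mid h_1 \cdot h_2$.

We can also write:

$$\left((a \cdot b)^k\right)^{h_1} = (a \cdot b)^{k \cdot h_1} = (a^{h_1})^k \cdot b^{k \cdot h_1} \equiv 1^k \cdot b^{k \cdot h_1} \equiv 1 \pmod{m} \tag{6.1-71}$$

or

$$b^{k \cdot h_1} \equiv 1 \pmod{m} \tag{6.1-72}$$

where we have used equations (6.1-65) and (6.1-68). From equations (6.1-64) and (6.1-72) and Proposition 6.1-3, we have $h_2 \mid h_1 \cdot k$. Similarly, we can show that $h_1 \mid h_2 \cdot k$.

Since we are given $\gcd(h_1, h_2) = 1$, we must have $h_1 \cdot h_2 \mid k$. We see then that $h_1 \cdot h_2 \mid k$ and $k \mid h_1 \cdot h_2$, and so we must have $h_1 \cdot h_2 = k$. Therefore:

$$\operatorname{ord}_m(a) \cdot \operatorname{ord}_m(b) = \operatorname{ord}_m(a \cdot b) \tag{6.1-73}$$

Proposition 6.1-15 can be used to find the order of certain composite integers when the orders of their factors are known.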


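If $a^{h_1} \equiv 1 \pmod{m}$, $a^{h_2} \equiv 1 \pmod{n}$, and $\gcd(m, n) = 1$, then $a^k \equiv 1 \pmod{m \cdot n}$ where $k = h_1 \cdot h_2 / \gcd(h_1, h_2)$.

Proof:

We are given:

$$a^{h_1} \equiv 1 \pmod{m} \tag{6.1-74}$$
$$a^{h_2} \equiv 1 \pmod{n} \tag{6.1-75}$$

Raising equation (6.1-74) to the power $h_2 / \gcd(h_1, h_2)$ and raising equation (6.1-75) to the power $h_1 / \gcd(h_1, h_2)$:

$$a^{h_1 \cdot h_2 / \gcd(h_1, h_2)} \equiv 1 \pmod{m} \tag{6.1-76}$$
$$a^{h_1 \cdot h_2 / \gcd(h_1, h_2)} \equiv 1 \pmod{n} \tag{6.1-77}$$

Letting $k = h_1 \cdot h_2 / \gcd(h_1, h_2)$ we can write:

$$a^k \equiv 1 \pmod{m} \tag{6.1-78}$$
$$a^k \equiv 1 \pmod{n} \tag{6.1-79}$$

Since $\gcd(m, n) = 1$, from Proposition 4.1-12 we have:

$$a^k \equiv 1 \pmod{m \cdot n} \tag{6.1-80}$$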


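If $2 \cdot h = \operatorname{ord}_p(a)$ where p is an odd prime number, then:

$$a^h \equiv -1 \pmod{p}$$

Proof:

We are given:

$$a^{2 \cdot h} \equiv 1 \pmod{p} \tag{6.1-81}$$

and so $p \mid (a^{2 \cdot h} - 1)$. Therefore $p \mid (a^h + 1) \cdot (a^h - 1)$. This means that we have either:

$$a^h \equiv 1 \pmod{p} \tag{6.1-82}$$

or

$$a^h \equiv -1 \pmod{p} \tag{6.1-83}$$

but equation (6.1-82) is impossible since $a^{2 \cdot h} \equiv 1 \pmod{p}$. Therefore $a^h \equiv -1 \pmod{p}$. ■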


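If $a^{-1}$ is the multiplicative inverse of a modulo m, then:

$$\operatorname{ord}_m(a) = \operatorname{ord}_m(a^{-1}).$$

Proof:

Let $h = \operatorname{ord}_m(a)$. We then have:

$$a^h \equiv 1 \pmod{m} \tag{6.1-84}$$

and $\gcd(a, m) = 1$. From Proposition 4.1-15 we can write:

$$a \cdot a^{-1} \equiv 1 \pmod{m} \tag{6.1-85}$$

or

$$(a \cdot a^{-1})^h \equiv 1^h \equiv 1 \pmod{m} \tag{6.1-86}$$

Therefore, using equation (6.1-84) we can write:

$$(a \cdot a^{-1})^h = a^h \cdot (a^{-1})^h \equiv 1 \cdot (a^{-1})^h \equiv (a^{-1})^h \equiv 1 \pmod{m} \tag{6.1-87}$$

Letting $k = \operatorname{ord}_m(a^{-1})$, from equation (6.1-87) and Proposition 6.1-3, we then have $k \mid h$.

Since $k = \operatorname{ord}_m(a^{-1})$, we have:

$$(a^{-1})^k \equiv 1 \pmod{m} \tag{6.1-88}$$

and $\gcd(a^{-1}, m) = 1$. Using equations (6.1-85) and (6.1-88):

$$(a \cdot a^{-1})^k = a^k \cdot (a^{-1})^k \equiv a^k \cdot 1 \equiv a^k \equiv 1 \pmod{m} \tag{6.1-89}$$

and, since $h = \operatorname{ord}_m(a)$, from Proposition 6.1-3 we have $h \mid k$.

Since $k \mid h$ and $h \mid k$, we have h=k. Therefore:

$$\operatorname{ord}_m(a) = \operatorname{ord}_m(a^{-1}) \tag{6.1-90}$$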


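If $\gcd(m, n) = 1$, then $\operatorname{ord}_{m \cdot n}(a) = \operatorname{lcm}(\operatorname{ord}_m(a), \operatorname{ord}_n(a))$.

Proof:

Let:

$$k = \operatorname{ord}_{m \cdot n}(a) \tag{6.1-91}$$
$$h_1 = \operatorname{ord}_m(a) \tag{6.1-92}$$
$$h_2 = \operatorname{ord}_n(a) \tag{6.1-93}$$
$$g = \operatorname{lcm}(h_1, h_2) \tag{6.1-94}$$

We then have:

$$a^k \equiv 1 \pmod{m \cdot n} \tag{6.1-95}$$

and so from Proposition 4.1-13:

$$a^k \equiv 1 \pmod{m} \tag{6.1-96}$$
$$a^k \equiv 1 \pmod{n} \tag{6.1-97}$$

From Proposition 6.1-3 we have $h_1 \mid k$ and $h_2 \mid k$. Therefore $g \mid k$.

We also have:

$$a^{h_1} \equiv 1 \pmod{m} \tag{6.1-98}$$
$$a^{h_2} \equiv 1 \pmod{n} \tag{6.1-99}$$

We can write $g = j_1 \cdot h_1 = j_2 \cdot h_2$ and so:

$$a^g = (a^{h_1})^{j_1} \equiv 1^{j_1} \equiv 1 \pmod{m} \tag{6.1-100}$$
$$a^g = (a^{h_2})^{j_2} \equiv 1^{j_2} \equiv 1 \pmod{n} \tag{6.1-101}$$

Therefore we have from Proposition 4.1-12:

$$a^g \equiv 1 \pmod{m \cdot n} \tag{6.1-102}$$

From Proposition 6.1-3 we have $k \mid g$.

Since we have $g \mid k$ and $k \mid g$, we must have k=g. Therefore:

$$\operatorname{ord}_{m \cdot n}(a) = \operatorname{lcm}(\operatorname{ord}_m(a), \operatorname{ord}_n(a)) \tag{6.1-103}$$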


6.2 PRIMITIVE ROOTS 


From Euler’s theorem (Proposition 4.5-1), we know that if and only if $\gcd(a, m) = 1$ we will have:

$$a^{\phi(m)} \equiv 1 \pmod{m} \tag{6.2-1}$$

We then also know from Propositions 6.1-1 and 6.1-4 that $\operatorname{ord}_m(a)$ will exist and that it will be no larger than $\phi(m)$:

$$\operatorname{ord}_m(a) \le \phi(m) \tag{6.2-2}$$

6.2.1 DEFINITION OF A PRIMITIVE ROOT

If $\gcd(a, m) = 1$ and $h = \operatorname{ord}_m(a) = \phi(m)$ so that we have $a^{\operatorname{ord}_m(a)} = a^{\phi(m)} \equiv 1 \pmod{m}$, then a is defined to be a primitive root of m. In other words, if an integer has the largest order possible modulo m, then it is known as a primitive root of m.

If p is a prime number, then $\phi(p) = p-1$. Therefore, if a is a primitive root of a prime number p, we have:

$$\operatorname{ord}_p(a) = p-1 \tag{6.2-3}$$

Every prime number p will have a primitive root as stated by Euler’s theorem. Many composite numbers do not have a primitive root, however (see Table 6-2 where missing numbers 1, 8, 12, 15, 16, 20, 21, 24 have no primitive roots).

Table 6-2 Primitive roots of integers n<27.


6.2.2 EXISTENCE OF PRIMITIVE ROOTS

In this Section we will consider a number of propositions that pertain to the existence of primitive roots.

Example 6.2-1

Find all primitive roots of 7.

Solution:

We have:

$$\phi(7) = 7-1 = 6$$

From Table 6-1 for $a^h \equiv 1 \pmod{7}$ we have the orders for $1 \le a < 7$:

$1^1 = 1 \equiv 1 \pmod{7}$
$2^3 = 8 \equiv 1 \pmod{7}$
$3^6 = 3^{\phi(7)} = 729 \equiv 1 \pmod{7}$
$4^3 = 64 \equiv 1 \pmod{7}$
$5^6 = 5^{\phi(7)} = 15625 \equiv 1 \pmod{7}$
$6^2 = 36 \equiv 1 \pmod{7}$

Therefore we have $\operatorname{ord}_7(3) = \phi(7)$ and $\operatorname{ord}_7(5) = \phi(7)$, and so the primitive roots of 7 are 3 and 5.

Example 6.2-2

Show that 5 is a primitive root of 18.

Solution:

We have:

$\phi(18) = 6$ (see Appendix F)

$5^1 \equiv 5 \pmod{18}$
$5^2 = 25 \equiv 7 \pmod{18}$
$5^3 = 125 \equiv 17 \pmod{18}$
$5^4 = 625 \equiv 13 \pmod{18}$
$5^5 = 3125 \equiv 11 \pmod{18}$
$5^6 = 5^{\phi(18)} = 15625 \equiv 1 \pmod{18}$

Therefore we have $\operatorname{ord}_{18}(5) = \phi(18)$, and so 5 is a primitive root of 18.

As noted previously, many composite integers do not have a primitive root. For example, 15 does not. We have $\phi(15) = 8$ but no number modulo 15 has an order of 8 (see Example 6.2-3 and Table 6-3).


Example 6.2-3

Show that 15 does not have a primitive root.

Solution:

We have $\phi(15) = 8$. The numbers a<15 that are relatively prime to 15 are 1, 2, 4, 7, 8, 11, 13, and 14.

$1^1 = 1 \equiv 1 \pmod{15}$

$2^1 = 2 \equiv 2 \pmod{15}$
$2^2 = 4 \equiv 4 \pmod{15}$
$2^3 = 8 \equiv 8 \pmod{15}$
$2^4 = 16 \equiv 1 \pmod{15}$

$4^1 = 4 \equiv 4 \pmod{15}$
$4^2 = 16 \equiv 1 \pmod{15}$

$7^1 = 7 \equiv 7 \pmod{15}$
$7^2 = 49 \equiv 4 \pmod{15}$
$7^3 = 343 \equiv 13 \pmod{15}$
$7^4 = 2401 \equiv 1 \pmod{15}$

$8^1 = 8 \equiv 8 \pmod{15}$
$8^2 = 64 \equiv 4 \pmod{15}$
$8^3 = 512 \equiv 2 \pmod{15}$
$8^4 = 4096 \equiv 1 \pmod{15}$

$11^1 = 11 \equiv 11 \pmod{15}$
$11^2 = 121 \equiv 1 \pmod{15}$

$13^1 = 13 \equiv 13 \pmod{15}$
$13^2 = 169 \equiv 4 \pmod{15}$
$13^3 = 2197 \equiv 7 \pmod{15}$
$13^4 = 28561 \equiv 1 \pmod{15}$

$14^1 = 14 \equiv 14 \pmod{15}$
$14^2 = 196 \equiv 1 \pmod{15}$

and so all $\operatorname{ord}_{15}(a) < \phi(15) = 8$ where $\gcd(a, 15) = 1$ (see Table 6-3). Therefore 15 does not have a primitive root.

Table 6-3. Examples of $a^h$ modulo 15 for gcd(a,15)=1. All $\operatorname{ord}_{15}(a) < \phi(15) = 8$.


If a is a primitive root of m, then $a^k$ is a primitive root of m if and only if $\gcd(\phi(m), k) = 1$.

Proof:

From Proposition 6.1-11, we have for primitive roots:

$$\operatorname{ord}_m(a^k) = \frac{\operatorname{ord}_m(a)}{\gcd(\operatorname{ord}_m(a), k)} = \frac{\phi(m)}{\gcd(\phi(m), k)} \tag{6.2-4}$$

If and only if $\gcd(\phi(m), k) = 1$ will we have:

$$\operatorname{ord}_m(a^k) = \phi(m) \tag{6.2-5}$$

so that $a^k$ is a primitive root of m. ■

If one primitive root of a positive integer is known, Proposition 6.2-1 can be used to find all of its other primitive roots.


Example 6.2-4

Verify Proposition 6.2-1 using the fact that 3 is a primitive root of 7.

Solution:

From Proposition 6.2-1 we know that any other primitive root $a^k$ of 7 must be such that $\gcd(\phi(7), k) = \gcd(6, k) = 1$. Therefore k can equal only 1 and 5, and so the primitive roots of 7 are $3^1$ and $3^5$. But $3^5 = 243 \equiv 5 \pmod{7}$. This means the primitive roots of 7 are 3 and 5 (see Table 6-2).

Example 6.2-5

Given that 7 is a primitive root of 22, find all the primitive roots of 22 using Proposition 6.2-1.

Solution:

We have $\phi(22) = \phi(2) \cdot \phi(11) = 1 \cdot 10 = 10$. Any primitive root $a^k$ of 22 must be such that $\gcd(\phi(22), k) = \gcd(10, k) = 1$. The primitive roots of 22 are therefore: $7^1, 7^3, 7^7, 7^9$, and so:

$7^1 \equiv 7 \pmod{22}$
$7^3 = 343 \equiv 13 \pmod{22}$
$7^7 = 823543 \equiv 17 \pmod{22}$
$7^9 = 40353607 \equiv 19 \pmod{22}$

The primitive roots of 22 are: 7, 13, 17, 19 as listed in Table 6-2.


a is a primitive root of m if and only if $a^{\phi(m)/q} \not\equiv 1 \pmod{m}$ for all prime numbers q such that $q \mid \phi(m)$.

Proof:

If a is a primitive root of m, then we must have:

$$a^{\phi(m)/q} \not\equiv 1 \pmod{m} \tag{6.2-6}$$

since $\phi(m)/q < \phi(m)$, but $\phi(m)$ is the smallest exponent a can have and be a primitive root of m.

Conversely, assume that a is not a primitive root of m. Suppose we have:

$$a^h \equiv 1 \pmod{m} \tag{6.2-7}$$

where $h = \operatorname{ord}_m(a)$. Then, from Proposition 6.1-4, $h \mid \phi(m)$ and, since a is not a primitive root of m, $h < \phi(m)$. Therefore we will have $h \cdot (g \cdot q) = \phi(m)$ where q is some prime number and g is some natural number. We then have $q \mid \phi(m)$ and $h \mid \phi(m)/q$. From Proposition 6.1-3 we obtain:

$$a^{\phi(m)/q} \equiv 1 \pmod{m} \tag{6.2-8}$$

if a is not a primitive root of m. ■


Example 6.2-6

Show that 3 and 5 are primitive roots of 7, but 2 and 6 are not.

Solution:

We have:

$$\phi(7) = 6$$

The prime numbers that divide $\phi(7)$ are 2 and 3.

$3^{6/2} = 3^3 = 27 \equiv 6 \not\equiv 1 \pmod{7}$
$3^{6/3} = 3^2 = 9 \equiv 2 \not\equiv 1 \pmod{7}$
$5^{6/2} = 5^3 = 125 \equiv 6 \not\equiv 1 \pmod{7}$
$5^{6/3} = 5^2 = 25 \equiv 4 \not\equiv 1 \pmod{7}$

From Proposition 6.2-2 we see that 3 and 5 are primitive roots of 7 (see Table 6-1).

$2^{6/2} = 2^3 = 8 \equiv 1 \pmod{7}$
$2^{6/3} = 2^2 = 4 \equiv 4 \pmod{7}$
$6^{6/2} = 6^3 = 216 \equiv 6 \pmod{7}$
$6^{6/3} = 6^2 = 36 \equiv 1 \pmod{7}$

From Proposition 6.2-2 we see that 2 and 6 are not primitive roots of 7 (see Table 6-1).
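The order search restricted to divisors of φ(m) (Proposition 6.1-4), the primitive-root test of Proposition 6.2-2, and the generation of all primitive roots from one (Proposition 6.2-1), as an added Python example that is not from the book. The function names are this example's own, and the trial-division helpers assume small moduli such as those in the worked examples.

```python
from math import gcd


def prime_factors(n):
    """Distinct prime factors of n by trial division (small n only)."""
    factors, d = [], 2
    while d * d <= n:
        if n % d == 0:
            factors.append(d)
            while n % d == 0:
                n //= d
        d += 1
    if n > 1:
        factors.append(n)
    return factors


def phi(m):
    """Euler's phi-function from the prime factorization of m."""
    result = m
    for q in prime_factors(m):
        result -= result // q
    return result


def order(a, m):
    """ord_m(a), or None when gcd(a, m) != 1 (no order exists then).

    Only divisors h of phi(m) are tried, smallest first, because the
    order must divide phi(m).
    """
    if gcd(a, m) != 1:
        return None
    t = phi(m)
    for h in range(1, t + 1):
        if t % h == 0 and pow(a, h, m) == 1:
            return h


def is_primitive_root(a, m):
    """True when a^(phi(m)/q) != 1 (mod m) for every prime q | phi(m)."""
    if gcd(a, m) != 1:
        return False
    t = phi(m)
    return all(pow(a, t // q, m) != 1 for q in prime_factors(t))


def primitive_roots(m):
    """All primitive roots of m among the least residues 1..m-1."""
    return [a for a in range(1, m) if is_primitive_root(a, m)]


def roots_from_one(g, m):
    """All primitive roots of m from one known root g: g^k, gcd(phi(m), k) = 1."""
    t = phi(m)
    return sorted(pow(g, k, m) for k in range(1, t + 1) if gcd(t, k) == 1)


if __name__ == "__main__":
    for m in (7, 9, 15, 18, 22):
        print(m, phi(m), primitive_roots(m))
    print(order(3, 28), roots_from_one(7, 22))
```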


If and only if a is a primitive root of m will the least residues modulo m of the elements $a, a^2, a^3, \ldots, a^{\phi(m)}$ form, in some order, a reduced residue system modulo m.

Proof:

If a is a primitive root of m we have $\gcd(a, m) = 1$ since $\phi(m) = \operatorname{ord}_m(a)$. Therefore, from Proposition 2.4-11, we know that each power of a is relatively prime to m. From Proposition 6.1-10, we also know that the $\phi(m)$ elements of the set $\{a, a^2, a^3, \ldots, a^{\phi(m)}\}$ are then mutually incongruent modulo m. Since there are $\phi(m)$ of these elements, by definition of reduced residue systems they must constitute all the reduced residue classes modulo m, and so, in some order, the least residues of $a, a^2, a^3, \ldots, a^{\phi(m)}$ will form a reduced residue system modulo m.

Conversely, if the set of least residues modulo m of $a, a^2, a^3, \ldots, a^{\phi(m)}$ form, in some order, a reduced residue system modulo m, then we have $\gcd(a, m) = 1$. From Euler’s theorem (Proposition 4.5-1), we also have $a^{\phi(m)} \equiv 1 \pmod{m}$. Since no two numbers of a complete residue system can be congruent to the same number, the complete residue system for which the reduced residue system given above is a subset can have no smaller power of a than $\phi(m)$ that is congruent to 1. Therefore a is a primitive root of m. ■

We see therefore that the powers from 1 to $\phi(m)$ of a primitive root represent a reduced residue system modulo m. If $\phi(m) = m-1$, then powers from 1 to $\phi(m)$ of a primitive root will form a complete residue system. This will always be the case if m is a prime number.


Example 6.2-7

Verify Proposition 6.2-3 for a=2 and m=9.

Solution:

We have gcd(2,9)=1 and $\phi(9) = 6$.

$2^1 \equiv 2 \pmod{9}$
$2^2 \equiv 4 \pmod{9}$
$2^3 \equiv 8 \pmod{9}$
$2^4 = 16 \equiv 7 \pmod{9}$
$2^5 = 32 \equiv 5 \pmod{9}$
$2^{\phi(9)} = 2^6 = 64 \equiv 1 \pmod{9}$

Therefore the least residues of $2, 2^2, 2^3, 2^4, 2^5, 2^6$ form a reduced residue system modulo 9: {1,2,4,5,7,8}. We see that 2 is a primitive root of 9. The set {1,2,4,5,7,8} is relatively prime to 9, and each of the elements of the set is congruent to some power $\le \phi(9)$ of 2.

Example 6.2-8

Verify Proposition 6.2-3 for a=3 and m=7.

Solution:

We have gcd(3,7)=1 and $\phi(7) = 6$.

$3^1 \equiv 3 \pmod{7}$
$3^2 = 9 \equiv 2 \pmod{7}$
$3^3 = 27 \equiv 6 \pmod{7}$
$3^4 = 81 \equiv 4 \pmod{7}$
$3^5 = 243 \equiv 5 \pmod{7}$
$3^{\phi(7)} = 3^6 = 729 \equiv 1 \pmod{7}$

Therefore the least residues of $3, 3^2, 3^3, 3^4, 3^5, 3^6$ form a reduced residue system modulo 7: {1, 2, 3, 4, 5, 6}. We see that 3 is a primitive root of 7. The set {1, 2, 3, 4, 5, 6} is relatively prime to 7, and each of the elements of the set is congruent to some power $\le \phi(7)$ of 3.


Example 6.2-9

Show that the four sets of least residues of the primitive roots 2, 6, 7, 8 of 11 each forms a complete residue system modulo 11.

Solution:

The primitive roots of 11 are 2, 6, 7, 8 as given in Table 6-2. Each of these residues has a set of least residues as stated in Proposition 6.2-3. The complete residue system modulo 11 is {1,2,3,4,5,6,7,8,9,10}. As shown in the table below, the least residues for each of the primitive roots of 11 form a complete residue system modulo 11.

n    2^n (mod 11)    6^n (mod 11)    7^n (mod 11)    8^n (mod 11)
1    2               6               7               8
2    4               3               5               9

As a consequence of Proposition 6.2-3, any integer a that is relatively prime to a modulus m can be expressed in the form $a \equiv r^k \pmod{m}$ where $1 \le k \le \phi(m)$. Propositions 6.2-1 and 6.2-3 can be used to discover how many primitive roots an integer has (providing it is known to have at least one primitive root).


Example 6.2-10

Determine the value of k such that $38 \equiv 2^k \pmod{11}$.

Solution:

We see that gcd(38,11)=1. We can write:

$$38 \equiv 5 \pmod{11}$$

From Example 6.2-9 we have:

$$2^4 \equiv 5 \pmod{11}$$

Therefore k=4 and:

$$38 \equiv 2^4 \pmod{11}$$


If $m \in \mathbb{N}$ has a primitive root, then it has exactly $\phi(\phi(m))$ incongruent primitive roots.

Proof:

Let a be a primitive root of m. Then from Proposition 6.2-3 we know that elements of the set $\{a, a^2, a^3, \ldots, a^{\phi(m)}\}$ form a reduced residue system modulo m. Therefore any primitive root of m must be a member of this set. The elements of this set are mutually incongruent and relatively prime to m. We also know from Proposition 6.2-1 that any $a^k$ will be a primitive root modulo m if and only if $\gcd(\phi(m), k) = 1$. By definition of the $\phi$-function, the number of integers k in the interval $1 \le k \le \phi(m)$ that are relatively prime to $\phi(m)$ so that $\gcd(\phi(m), k) = 1$ are exactly $\phi(\phi(m))$. Therefore the number of primitive roots a modulo m are exactly $\phi(\phi(m))$. ■


Example 6.2-11

Verify Proposition 6.2-4 for modulo 7.

Solution:

$$\phi(7) = 6$$
$$\phi(\phi(7)) = \phi(6) = 2$$

So if a primitive root of 7 exists, then 7 should have 2 primitive roots. Checking Table 6-1, we see this is the case; 3 and 5 are primitive roots of 7.

Note that even if a natural number m has no primitive roots, we can still have $\phi(\phi(m)) > 0$. For instance, although 8 has no primitive roots, we have $\phi(\phi(8)) = \phi(4) = 2$.


Example 6.2-12

Find all primitive roots of 9.

Solution:

From Proposition 6.2-4, we then know that if 9 has a primitive root, then 9 has exactly $\phi(\phi(9))$ incongruent primitive roots. We have $\phi(9) = 6$ and $\phi(\phi(9)) = \phi(6) = 2$, and so 9 has either none or two primitive roots.

By testing integers beginning with 2, we find:

$$2^6 = 2^{\phi(9)} = 64 \equiv 1 \pmod{9}$$

and so 2 is a primitive root of 9. From Proposition 6.2-1, $2^k$ modulo 9 will be a primitive root of 9 if and only if $\gcd(\phi(9), k) = 1$. We then have k = 1, 5:

$2^1 \equiv 2 \pmod{9}$
$2^5 = 32 \equiv 5 \pmod{9}$

Therefore 2 and 5 are the primitive roots of 9.

$2^{\phi(9)} = 2^6 = 64 \equiv 1 \pmod{9}$
$5^{\phi(9)} = 5^6 = 15625 \equiv 1 \pmod{9}$


6.2.3. PRIMITIVE ROOTS OF PRIMES 

As a necessary preliminary to propositions concerning the number of primitive roots a prime has, we will now present several propositions about solutions of polynomial congruences.

If p is a prime number and P(x) is a polynomial of degree n:

$$P(x) = \sum_{k=0}^{n} c_k \cdot x^k \tag{6.2-9}$$

where $c_k \in \mathbb{Z}$ and $\gcd(c_n, p) = 1$, then the congruence:

$$P(x) \equiv 0 \pmod{p} \tag{6.2-10}$$

has at most n incongruent solutions modulo p.

Proof:

If there is no solution, we are done. If n=0, there is no solution since $\gcd(c_n, p) = 1$ and so $\gcd(c_0, p) = 1$ means that we have $P(x) = c_0 \not\equiv 0 \pmod{p}$.

If there is a solution, using proof by mathematical induction, we begin by noting that for n=1 we have the linear congruence:

$$P(x) = c_1 \cdot x + c_0 \equiv 0 \pmod{p} \tag{6.2-11}$$

or

$$c_1 \cdot x \equiv -c_0 \pmod{p} \tag{6.2-12}$$

From Proposition 5.1-2 we see that equation (6.2-12) has exactly one solution modulo p since $\gcd(c_1, p) = 1$. We can conclude that Proposition 6.2-5 is valid for n=1.

We will next assume that Proposition 6.2-5 is true for polynomials of degree n-1, where $n \ge 2$.

Then, if P(x) is of degree n, either $P(x) \equiv 0 \pmod{p}$ has no solutions and the proposition is proven, or it has at least one solution: $P(a) \equiv 0 \pmod{p}$. Dividing P(x) by x-a we get:

$$P(x) = (x-a) \cdot Q(x) + r \tag{6.2-13}$$

where Q(x) is a polynomial of degree n-1 with integral coefficients. For x=a, we can write:

$$P(a) \equiv 0 \equiv (a-a) \cdot Q(a) + r \equiv r \pmod{p} \tag{6.2-14}$$

Therefore the remainder is $r \equiv 0 \pmod{p}$, and we have:

$$P(x) \equiv (x-a) \cdot Q(x) \pmod{p} \tag{6.2-15}$$

If x=b is any other incongruent solution of $P(x) \equiv 0 \pmod{p}$ so that $b \not\equiv a \pmod{p}$, we can write:

$$P(b) \equiv 0 \equiv (b-a) \cdot Q(b) \pmod{p} \tag{6.2-16}$$

Since $b-a \not\equiv 0 \pmod{p}$, we must have:

$$Q(b) \equiv 0 \pmod{p} \tag{6.2-17}$$

This means that any solution x=b of P(x) that is different from x=a must be a solution of Q(x). From our induction hypothesis we know that Q(x) has at most n-1 solutions modulo p. Taken together with the solution x=a, we see that P(x) has at most n incongruent solutions modulo p. ■


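If $n, k \in \mathbb{N}$ such that $k \mid n$, then the polynomial $x^k - 1$ is a factor of the polynomial $x^n - 1$.

Proof:

Since $k \mid n$, we have:

$$n = j \cdot k \tag{6.2-18}$$

From polynomial division, we have:

$$y^j - 1 = (y-1) \cdot (y^{j-1} + y^{j-2} + \cdots + y + 1) \tag{6.2-19}$$

Letting $y = x^k$, we obtain:

$$x^{j \cdot k} - 1 = (x^k - 1) \cdot (x^{k \cdot (j-1)} + x^{k \cdot (j-2)} + \cdots + x^k + 1) \tag{6.2-20}$$

or

$$x^n - 1 = (x^k - 1) \cdot (x^{k \cdot (j-1)} + x^{k \cdot (j-2)} + \cdots + x^k + 1) \tag{6.2-21}$$

and so $x^k - 1$ is a factor of $x^n - 1$. ■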


If p is an odd prime number and $k \mid (p-1)$, then $x^k \equiv 1 \pmod{p}$ has exactly k incongruent solutions.

Proof:

From Euler’s theorem (Proposition 4.5-1), we have:

$$x^{\phi(p)} - 1 \equiv 0 \pmod{p} \tag{6.2-22}$$

where $\gcd(x, p) = 1$. Since $\phi(p) = p-1$, we also have:

$$x^{p-1} - 1 \equiv 0 \pmod{p} \tag{6.2-23}$$


From Proposition 6.1-10 we know that all integers in the set 
Sea rset are mutually incongruent modulo p. 


From equation (6.2-23), we can write: 


(ce = be \ = (mod p) (6.2-24) 


where $1 \le g \le p-1$. Therefore all p-1 integers in the set S are solutions of $x^{p-1} - 1$ modulo p. Therefore we see that $x^{p-1} - 1 \equiv 0 \pmod{p}$ has p-1 incongruent solutions.

From Proposition 6.2-6 we can write:

$$x^{p-1} - 1 = (x^k - 1) \cdot P(x) \tag{6.2-25}$$

since $k \mid (p-1)$ and where P(x) is a polynomial having degree p-1-k:

$$P(x) = x^{p-1-k} + x^{p-1-2k} + \cdots + x^k + 1 \tag{6.2-26}$$

Any solution of equation (6.2-25) must be a solution of either $x^k - 1$ or P(x).

From Lagrange’s theorem (Proposition 6.2-5), we know that $P(x) \equiv 0 \pmod{p}$ will have at most p-1-k incongruent solutions. Therefore:

$$x^k - 1 \equiv 0 \pmod{p} \tag{6.2-27}$$

must have at least (p-1)-(p-1-k)=k solutions. Using Lagrange’s theorem again, we see that equation (6.2-27) has at most k incongruent solutions. Therefore:

$$x^k \equiv 1 \pmod{p} \tag{6.2-28}$$

has exactly k incongruent solutions. ■


If p is an odd prime number and $h \mid (p-1)$, then the number of integers $1 \le a \le p-1$ having order h modulo p does not exceed $\phi(h)$.

Proof:

We will define $\psi(h)$ to be the number of integers a, $1 \le a \le p-1$, having order h modulo p so that $a^h \equiv 1 \pmod{p}$. If $\psi(h) = 0$, we have $\psi(h) \le \phi(h)$, and the proposition is valid. If $\psi(h) \ne 0$, then at least one integer a exists such that:

$$h = \operatorname{ord}_p(a) \tag{6.2-29}$$

and

$$a^h \equiv 1 \pmod{p} \tag{6.2-30}$$


where ged(a, p)=1. From Proposition 6.1-10 we also know that 
the integers x’ in the set S= {a, a os a’ \ are mutually 


incongruent modulo p. From equation (6.2-30), we can write: 
(a’ iP 2 (a° E = 1(mod p) 


for geN and |<g<h. Therefore all integers in the set S$ are 


(6.2-31) 


solutions of a’—-1 modulo p. Moreover, since h|(p—1), we 
know from Proposition 6.2-7 that a"-1 has exactly h 
incongruent solutions modulo p. Every one of these solutions 
must then be congruent modulo p with one of the elements of 
the set S, and no other solutions can exist. 

From Proposition 6.1-12 we also know that, if h=ord ACI 
then h=ord,(a*) if and only if gcd(h, g)=1. Since there are only 


o(h) such integers 1< g<h, then if one integer a exists having 


order h=ord,(a), this means there must exist @(h) integers a‘ 
such that ged(h, g)=1. Therefore y(h)<@(h). m 


If $p$ is an odd prime number, then the number of incongruent integers $a$ having order $h$ modulo $p$ is $0$ if $h \nmid (p-1)$ or $\phi(h)$ if $h \mid (p-1)$.

Proof:

If $h \nmid (p-1)$, then from Proposition 6.1-5 the number $\psi(h)$ of integers $a$ having order $h$ modulo $p$ is $\psi(h)=0$, and the proposition is valid.

If $\psi(h) \ne 0$, then at least one integer $a$ exists such that $a^{h} \equiv 1 \pmod{p}$ where $\gcd(a, p)=1$, and we have:

$$h = \operatorname{ord}_p(a) \tag{6.2-32}$$

From Fermat's little theorem (Proposition 4.3-2), we have:

$$a^{p-1} \equiv 1 \pmod{p} \tag{6.2-33}$$

and so $a = 1, 2, 3, \ldots, p-1$ are all solutions of equation (6.2-33) since for these values of $a$ we have $\gcd(a, p)=1$. Therefore each integer $a$ between $1$ and $p-1$ has some order $h$ where $h \mid \phi(p)$ and where $\phi(p) = p-1$. Since a given integer $a$ cannot have two different orders modulo $p$, we then obtain:

$$p - 1 = \sum_{h \mid (p-1)} \psi(h) \tag{6.2-34}$$

where the notation $h \mid (p-1)$ means that $h$ is a divisor of $p-1$, and the summation notation $\sum_{h \mid (p-1)}$ in equation (6.2-34) means that the sum is taken over all $\psi(h)$ for which $h$ is a divisor of $p-1$.

From Proposition 2.10-3, we also have:

$$p - 1 = \sum_{h \mid (p-1)} \phi(h) \tag{6.2-35}$$

and so:

$$\sum_{h \mid (p-1)} \psi(h) = \sum_{h \mid (p-1)} \phi(h) \tag{6.2-36}$$

From Proposition 6.2-8, we know that:

$$\psi(h) \le \phi(h) \tag{6.2-37}$$

The left-hand sum in equation (6.2-36) will then be less than the right-hand sum unless we have:

$$\psi(h) = \phi(h) \ne 0 \tag{6.2-38}$$

Therefore either $\psi(h)=0$ or $\psi(h)=\phi(h)$ for all $h \mid (p-1)$. ∎


Example 6.2-13 


Verify Proposition 6.2-9 for p=7 and all possible values of h. 


Solution: 


Since we must have $h \mid (p-1)$, that is $h \mid 6$, then $h = 1, 2, 3, 6$ and the corresponding values of $\phi(h)$ are $\phi(h) = 1, 1, 2, 2$ (see Table 6-1). From Table 6-1 we get the values of $a$ corresponding to $h = \operatorname{ord}_7(a)$, and we can then determine the number of such values $\psi(h)$ using the table below. We find that $\psi(h) = \phi(h)$.

    h    φ(h)    a       ψ(h)
    1    1       1       1
    2    1       6       1
    3    2       2, 4    2
    6    2       3, 5    2


If $p$ is an odd prime number, then there are exactly $\phi(p-1)$ incongruent primitive roots of $p$.

Proof:

Since $\phi(p) = p-1$, we know from Euler’s theorem given in Proposition 4.5-1 that $h = p-1$. Then from Proposition 6.2-9 we know that $\phi(p-1)$ incongruent primitive roots of $p$ exist (see Proposition 6.2-4). ∎


Example 6.2-14 


Verify Proposition 6.2-10 for p=7. 


Solution: 


There should be $\phi(p-1) = \phi(6) = 2$ primitive roots of 7. From Table 6-1 we see they are: $a=3$ and $a=5$.


Every prime number p has a primitive root. 


Proof: 

If $p=2$, then any odd number $a$ will be such that $\gcd(a,2)=1$, and $a^{2-1} = a^{1} \equiv 1 \pmod{2}$. If $p>2$, then, from Proposition 6.2-10, we know that every odd prime number $p$ has $\phi(p-1)>0$ incongruent primitive roots.

Therefore every prime number $p$ has a primitive root. ∎


The primitive roots for integers n<27 are listed in Table 6-2. No method is known for predicting either the smallest primitive root or the distribution of primitive roots for any given prime number. The smallest primitive roots for all primes $p \le 113$ are listed in Table 6-4.




Table 6-4 Smallest primitive roots for all primes p<113. 


From Table 6-4 we see that 2 is a primitive root of many of 
the primes listed. There is a conjecture by Artin (as yet 
unproved) that there exists an infinite number of primes having 
2 as a primitive root. This conjecture is a special case of Artin’s 
more general conjecture that states: A given integer which is not a 
perfect square and is not equal to -1 is a primitive root of an infinite 
number of primes. 


Example 6.2-15 
Find all primitive roots of 13. 


Solution: 


If $p$ is an odd prime number and if $a$ is a primitive root of $p^{k}$ where $k \ge 2$, then $a$ is also a primitive root of $p^{k+1}$.

Proof:

We are given:

$$a^{\phi(p^{k})} \equiv 1 \pmod{p^{k}} \tag{6.2-39}$$

Let $h = \operatorname{ord}_{p^{k+1}}(a)$. We then have:

$$a^{h} \equiv 1 \pmod{p^{k+1}} \tag{6.2-40}$$

We also have from Proposition 6.1-6:

$$a^{h} \equiv 1 \pmod{p^{k}} \tag{6.2-41}$$

Since $a$ is a primitive root of $p^{k}$, from equation (6.2-41) we must have:

$$\phi(p^{k}) \mid h \tag{6.2-42}$$

From equation (6.2-40) and Proposition 6.1-4, we have:

$$h \mid \phi(p^{k+1}) \tag{6.2-43}$$

Therefore:

$$\phi(p^{k}) \mid h \mid \phi(p^{k+1}) \tag{6.2-44}$$

This means that either $h = \phi(p^{k})$ or $h = \phi(p^{k+1})$.

If $h = \phi(p^{k+1})$, then $a$ is a primitive root of $p^{k+1}$.

If $h = \phi(p^{k})$, then from equation (6.2-40) we have:

$$a^{\phi(p^{k})} \equiv 1 \pmod{p^{k+1}} \tag{6.2-45}$$

To show that we cannot have $h = \phi(p^{k})$, let $t = \phi(p^{k-1})$. From Euler’s theorem (Proposition 4.5-1) we have:

$$a^{t} \equiv 1 \pmod{p^{k-1}} \tag{6.2-46}$$

Therefore:

$$a^{t} = 1 + j \cdot p^{k-1} \tag{6.2-47}$$

for some $j \in \mathbb{N}$ where $p \nmid j$, since we cannot have $j = j' \cdot p$ so that $a^{t} = 1 + j' \cdot p^{k}$ or we would have:

$$a^{\phi(p^{k-1})} \equiv 1 \pmod{p^{k}} \tag{6.2-48}$$

contrary to equation (6.2-41). From Proposition 2.10-5 we have $\phi(p^{k}) = p \cdot \phi(p^{k-1}) = p \cdot t$. Using the binomial theorem, we can write:

$$a^{\phi(p^{k})} = a^{p \cdot t} = (1 + j \cdot p^{k-1})^{p} \equiv 1 + j \cdot p^{k} \pmod{p^{k+1}} \tag{6.2-49}$$

where $p^{k+1}$ divides all other terms in the binomial expansion.

Therefore we see that:

$$a^{\phi(p^{k})} \not\equiv 1 \pmod{p^{k+1}} \tag{6.2-50}$$

and so we have only:

$$a^{\phi(p^{k+1})} \equiv 1 \pmod{p^{k+1}} \tag{6.2-51}$$

and $a$ is a primitive root of $p^{k}$ and $p^{k+1}$. ∎


$m$ is a prime number if and only if $(m-1)! \equiv -1 \pmod{m}$.

Proof:

If $m = p$ is a prime number, then from Proposition 6.2-11 we know that $p$ has a primitive root. From Fermat's little theorem (Proposition 4.3-2), we have:

$$a^{p-1} \equiv 1 \pmod{p} \tag{6.2-52}$$

where $\gcd(a, p)=1$. We will now let $a$ be a primitive root of $p$. From Proposition 6.2-3, we know that if $a$ is a primitive root of a prime number $p$, then $a, a^{2}, a^{3}, \ldots, a^{p-1}$ will be congruent to the least residues $1, 2, 3, \ldots, (p-1)$ in some order. We therefore have:

$$(p-1)! \equiv a \cdot a^{2} \cdot a^{3} \cdots a^{p-1} \pmod{p} \tag{6.2-53}$$

or

$$(p-1)! \equiv a^{1+2+3+\cdots+(p-1)} \pmod{p} \tag{6.2-54}$$

and so

$$(p-1)! \equiv a^{p \cdot (p-1)/2} = (a^{p})^{(p-1)/2} \pmod{p} \tag{6.2-55}$$

Writing $a^{p} = a \cdot a^{p-1}$ and using equation (6.2-52), we obtain:

$$(p-1)! \equiv (a \cdot a^{p-1})^{(p-1)/2} \equiv a^{(p-1)/2} \pmod{p} \tag{6.2-56}$$

From Proposition 4.5-3, we have:

$$(p-1)! \equiv -1 \pmod{p} \tag{6.2-57}$$

Conversely, if:

$$(m-1)! \equiv -1 \pmod{m} \tag{6.2-58}$$

then if $m$ is a composite number, it can be factored, with the factors being smaller than $m-1$. Therefore if $m>4$, the factors must occur in $(m-1)!$, and so equation (6.2-58) becomes: $(m-1)! \equiv 0 \not\equiv -1 \pmod{m}$. Therefore, for equation (6.2-58) to be valid, $m$ cannot be a composite number, and so $m$ must be a prime number. ∎


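$2$ and $2^{2}$ have primitive roots.

Proof:

$$1^{\phi(2)} = 1^{1} \equiv 1 \pmod{2} \qquad 1 = \operatorname{ord}_{2}(1) = \phi(2) \tag{6.2-59}$$

$$3^{\phi(2^{2})} = 3^{2} \equiv 1 \pmod{2^{2}} \qquad 2 = \operatorname{ord}_{2^{2}}(3) = \phi(2^{2}) = \phi(4) \tag{6.2-60}$$

Therefore 1 is a primitive root of 2, and 3 is a primitive root of $2^{2}$ (see Table 6-2). ∎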


$2^{k}$ does not have primitive roots if $k \ge 3$.

Proof:

For $2^{k}$ to have a primitive root $a$, we must have $\gcd(a, 2^{k})=1$. The integers relatively prime to $2^{k}$ are all the odd integers. Therefore we will let $a$ be an odd integer. From Proposition 4.1-29, we then have:

$$a^{2^{k-2}} \equiv 1 \pmod{2^{k}} \tag{6.2-61}$$

where $k \ge 3$. From Proposition 2.10-2 we have:

$$\phi(2^{k}) = 2^{k} \cdot \left(1 - \tfrac{1}{2}\right) = 2^{k-1} \tag{6.2-62}$$

From equations (6.2-61) and (6.2-62), we have:

$$a^{\phi(2^{k})/2} = a^{2^{k-2}} \equiv 1 \pmod{2^{k}} \tag{6.2-63}$$

where $k \ge 3$. Therefore we cannot have:

Lae I(mod ae) (6.2-64) 


and so we can conclude that $2^{k}$ with $k \ge 3$ does not have primitive roots. ∎

From Propositions 6.2-14 and 6.2-15, we see that $2^{k}$ will have a primitive root only if $k=1$ or $k=2$.


Proposition 6.2-15:

If $\gcd(m,n)=1$ where $m>2$ and $n>2$, then the integer $m \cdot n$ has no primitive roots.

Proof:

Let $a$ be a positive integer such that $\gcd(a, m \cdot n)=1$. From Proposition 2.3-3 we then have $\gcd(a, m)=1$ and $\gcd(a, n)=1$. We will define:

$$j = \operatorname{lcm}(\phi(m), \phi(n)) \tag{6.2-65}$$

$$k = \gcd(\phi(m), \phi(n)) \tag{6.2-66}$$

From Proposition 2.9-2 we have:

$$\operatorname{lcm}(\phi(m), \phi(n)) = \frac{\phi(m) \cdot \phi(n)}{\gcd(\phi(m), \phi(n))} \tag{6.2-67}$$

and so:

$$j \cdot k = \phi(m) \cdot \phi(n) \tag{6.2-68}$$

Since Euler’s $\phi$-function is multiplicative, we have:

$$j \cdot k = \phi(m) \cdot \phi(n) = \phi(m \cdot n) \tag{6.2-69}$$

From Proposition 3.4-3, we know that $\phi(m)$ and $\phi(n)$ are both even. Therefore $k \ge 2$ and we have:

$$j \le \frac{\phi(m \cdot n)}{2} \tag{6.2-70}$$

Euler’s theorem (Proposition 4.5-1) for $m$ is:

$$a^{\phi(m)} \equiv 1 \pmod{m} \tag{6.2-71}$$

Raising this to the $\phi(n)/k$ power:

$$(a^{\phi(m)})^{\phi(n)/k} = a^{\phi(m) \cdot \phi(n)/k} = a^{j} \equiv 1 \pmod{m} \tag{6.2-72}$$

Similarly, we have:

$$a^{\phi(n)} \equiv 1 \pmod{n} \tag{6.2-73}$$

Raising this to the $\phi(m)/k$ power:

$$(a^{\phi(n)})^{\phi(m)/k} = a^{\phi(m) \cdot \phi(n)/k} = a^{j} \equiv 1 \pmod{n} \tag{6.2-74}$$

From equations (6.2-72) and (6.2-74), and using Proposition 4.1-12 with $\gcd(m,n)=1$, we can write:

$$a^{j} \equiv 1 \pmod{m \cdot n} \tag{6.2-75}$$

Since $j \le \phi(m \cdot n)/2$, we see that the integer $m \cdot n$ cannot have any primitive roots. ∎

Any integer divisible by two distinct odd prime numbers has no primitive roots.

Proof:

Follows from Proposition 6.2-15. ∎


Any integer having the form $2^{k} \cdot p^{j}$, where $p$ is an odd prime number and where $k \ge 2$, has no primitive roots.

Proof:

Follows from Proposition 6.2-15. ∎


If $p$ is an odd prime number having a primitive root $a$, then either $a$ or $a+p$ is a primitive root of $p^{2}$.

Proof:

From Euler’s theorem (Proposition 4.5-1), we have:

$$a^{\phi(p)} \equiv 1 \pmod{p} \tag{6.2-76}$$

where $\phi(p) = p-1$. Therefore:

$$a^{p-1} \equiv 1 \pmod{p} \tag{6.2-77}$$

Now let:

$$h = \operatorname{ord}_{p^{2}}(a) \tag{6.2-78}$$

so that:

$$a^{h} \equiv 1 \pmod{p^{2}} \tag{6.2-79}$$

From Proposition 6.1-6, we then have:

$$a^{h} \equiv 1 \pmod{p} \tag{6.2-80}$$

Since $a$ is a primitive root of $p$, from equations (6.2-80) and (6.2-77) we see that $h$ is a multiple of $p-1$ and so $(p-1) \mid h$.

We also know from equation (6.2-78) and Proposition 6.1-4 that $h \mid \phi(p^{2})$ where we have $\phi(p^{2}) = p^{2} - p = p \cdot (p-1)$ from Proposition 2.10-2. Therefore we obtain $h \mid p \cdot (p-1)$, and we have either $h = p-1$ or $h = p \cdot (p-1)$.

We will now show that if $h = p \cdot (p-1)$, then $a$ is a primitive root of $p^{2}$; and if $h = p-1$, then $a+p$ is a primitive root of $p^{2}$.

If $h = p \cdot (p-1)$, then from equation (6.2-79) we have:

(6.2-81)

and so when $h = p \cdot (p-1) = \operatorname{ord}_{p^{2}}(a)$, then $a$ is a primitive root of $p^{2}$.

If $h = p-1$, then from equation (6.2-79) we have:

$$a^{p-1} \equiv 1 \pmod{p^{2}} \tag{6.2-82}$$

When $a$ satisfies this congruence, then $a$ will not be a primitive root of $p^{2}$ since $\phi(p^{2}) = p \cdot (p-1)$.

We will now test $a+p$ to determine if it is a primitive root of $p^{2}$. Because

$$a + p \equiv a \pmod{p} \tag{6.2-83}$$

then $a+p$ is a primitive root of $p$ since $a$ is a primitive root of $p$. We will let $b = a+p$ and

$$g = \operatorname{ord}_{p^{2}}(b) \tag{6.2-84}$$

so that:

$$b^{g} \equiv 1 \pmod{p^{2}} \tag{6.2-85}$$

Following the argument of the previous discussion, we see that either $g = p-1$ or $g = p \cdot (p-1)$.

If $g = p-1$, then from the binomial expansion, as given in equation (4.2-1), we have:

$$(a+p)^{p-1} = a^{p-1} + (p-1) \cdot a^{p-2} \cdot p + \binom{p-1}{2} \cdot a^{p-3} \cdot p^{2} + \cdots + p^{p-1} \tag{6.2-86}$$

and so:

$$(a+p)^{p-1} \equiv a^{p-1} + (p-1) \cdot a^{p-2} \cdot p \pmod{p^{2}} \tag{6.2-87}$$

since all other terms are multiples of $p^{2}$. Using equation (6.2-82), we can write:

$$(a+p)^{p-1} \equiv 1 - p \cdot a^{p-2} \not\equiv 1 \pmod{p^{2}} \tag{6.2-88}$$

Therefore when $g = p-1$, $a+p$ is not a primitive root of $p^{2}$.

If $g = p \cdot (p-1)$, we have:

$$(a+p)^{g} = (a+p)^{\phi(p^{2})} \equiv 1 \pmod{p^{2}} \tag{6.2-89}$$

and so when $h = p-1 = \operatorname{ord}_{p^{2}}(a)$, then $a+p$ is a primitive root of $p^{2}$.

Therefore, either $a$ or $a+p$ is a primitive root of $p^{2}$. ∎


If $p$ is an odd prime number, then $p^{2}$ will always have a primitive root.

Proof:

Follows from Propositions 6.2-11 and 6.2-18. ∎


If $p$ is an odd prime number, and if $a$ is a primitive root of $p^{2}$, then $a$ is a primitive root of $p^{k}$ for all $k \ge 2$.

Proof:

Proceeding using mathematical induction, we know that the proposition is true for $k=2$. We will now assume that the proposition is true for some $k \ge 2$ so that we have:

$$a^{\phi(p^{k})} \equiv 1 \pmod{p^{k}} \tag{6.2-90}$$

We will let:

$$h = \operatorname{ord}_{p^{k+1}}(a) \tag{6.2-91}$$

From Proposition 6.1-4, we then have $h \mid \phi(p^{k+1})$ and so $h \mid p^{k} \cdot (p-1)$. We also have:

$$a^{h} \equiv 1 \pmod{p^{k+1}} \tag{6.2-92}$$

and, from Proposition 6.1-6:

$$a^{h} \equiv 1 \pmod{p^{k}} \tag{6.2-93}$$

From equations (6.2-90) and (6.2-93) and our assumption that $a$ is a primitive root of $p^{k}$, we must have $\phi(p^{k}) \mid h$ where $\phi(p^{k}) = p^{k-1} \cdot (p-1)$. Therefore we have $p^{k-1} \cdot (p-1) \mid h$. We can conclude that either $h = p^{k} \cdot (p-1)$ or $h = p^{k-1} \cdot (p-1)$. If we can prove that $h \ne p^{k-1} \cdot (p-1)$, we will have proven that $a$ is a primitive root of $p^{k+1}$ since we will then have:

$$a^{p^{k} \cdot (p-1)} = a^{\phi(p^{k+1})} \equiv 1 \pmod{p^{k+1}} \tag{6.2-94}$$

We need to prove:

$$a^{p^{k-1} \cdot (p-1)} \not\equiv 1 \pmod{p^{k+1}} \tag{6.2-95}$$

Since $a$ is a primitive root of $p^{k}$, we have $\gcd(a, p^{k}) = 1$. From Proposition 2.4-11, we then have $\gcd(a, p^{k-1}) = 1$. We also have $\phi(p^{k-1}) = p^{k-2} \cdot (p-1)$, and so Euler’s theorem (Proposition 4.5-1) gives:

$$a^{p^{k-2} \cdot (p-1)} \equiv 1 \pmod{p^{k-1}} \tag{6.2-96}$$

or

$$a^{p^{k-2} \cdot (p-1)} = 1 + j \cdot p^{k-1} \tag{6.2-97}$$

for $j \in \mathbb{Z}$. Raising equation (6.2-97) to the power $p$, we obtain:

$$a^{p^{k-1} \cdot (p-1)} = 1 + \binom{p}{1} \cdot (j \cdot p^{k-1}) + \binom{p}{2} \cdot (j \cdot p^{k-1})^{2} + \cdots + \binom{p}{p} \cdot (j \cdot p^{k-1})^{p} \tag{6.2-98}$$

Since $p>2$, the binomial coefficients given by equation (4.2-2) are even, and the third term and all following terms are divisible by $p^{k+1}$. So we have:

$$a^{p^{k-1} \cdot (p-1)} \equiv 1 + j \cdot p^{k} \pmod{p^{k+1}} \tag{6.2-99}$$

If

$$a^{p^{k-1} \cdot (p-1)} \equiv 1 \pmod{p^{k+1}} \tag{6.2-100}$$

then we must have:

$$j \cdot p^{k} \equiv 0 \pmod{p^{k+1}} \tag{6.2-101}$$

This means that $p^{k+1} \mid j \cdot p^{k}$ and so $p \mid j$. Therefore $p$ is a factor of $j$ so that $j = j' \cdot p$. Equation (6.2-97) then becomes:

$$a^{p^{k-2} \cdot (p-1)} = 1 + j' \cdot p^{k} \tag{6.2-102}$$

and so equation (6.2-96) is:

$$a^{p^{k-2} \cdot (p-1)} \equiv 1 \pmod{p^{k}} \tag{6.2-103}$$

But this contradicts our beginning assumption that $a$ is a primitive root of $p^{k}$. Therefore $h \ne p^{k-1} \cdot (p-1)$, and so equation (6.2-95) is true. This means that:

$$a^{p^{k} \cdot (p-1)} \equiv 1 \pmod{p^{k+1}} \tag{6.2-104}$$

or

$$a^{\phi(p^{k+1})} \equiv 1 \pmod{p^{k+1}} \tag{6.2-105}$$

The proposition is then proven by mathematical induction. ∎


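$2^{4} = 16 \equiv 16 \pmod{3^{3}}$

$2^{5} = 32 \equiv 5 \pmod{3^{3}}$

$2^{6} = 64 \equiv 10 \pmod{3^{3}}$

$2^{7} = 128 \equiv 20 \pmod{3^{3}}$

$2^{8} = 256 \equiv 13 \pmod{3^{3}}$

$2^{9} = 512 \equiv 26 \pmod{3^{3}}$

$2^{10} = 1024 \equiv 25 \pmod{3^{3}}$

$2^{11} = 2048 \equiv 23 \pmod{3^{3}}$

$2^{12} = 4096 \equiv 19 \pmod{3^{3}}$

$2^{13} = 8192 \equiv 11 \pmod{3^{3}}$

$2^{14} = 16384 \equiv 22 \pmod{3^{3}}$

$2^{15} = 32768 \equiv 17 \pmod{3^{3}}$

$2^{16} = 65536 \equiv 7 \pmod{3^{3}}$

$2^{17} = 131072 \equiv 14 \pmod{3^{3}}$

$2^{18} = 2^{\phi(3^{3})} = 262144 \equiv 1 \pmod{3^{3}}$

and so 2 is a primitive root of $3^{3}$.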


If $p$ is an odd prime number, then a primitive root exists for all $p^{k}$ with $k \ge 1$.

Proof:

Follows from Propositions 6.2-11, 6.2-20, and 6.2-21. ∎


If $p$ is an odd prime number, and if $a$ is a primitive root of $p^{k}$ where $k \ge 1$, then either $a$ or $a + p^{k}$ is a primitive root of $2 \cdot p^{k}$.

Proof:

Since $a$ is a primitive root of $p^{k}$, we have $\gcd(a, p^{k})=1$. From Euler’s theorem (Proposition 4.5-1), we have:

$$a^{\phi(p^{k})} \equiv 1 \pmod{p^{k}} \tag{6.2-106}$$

If $a$ is an odd integer, we will let $h = \operatorname{ord}_{2 \cdot p^{k}}(a)$. Then $h \mid \phi(2 \cdot p^{k})$. We also have:

$$\phi(2 \cdot p^{k}) = \phi(2) \cdot \phi(p^{k}) = \phi(p^{k}) \tag{6.2-107}$$

Therefore $h \mid \phi(p^{k})$. Since

$$a^{h} \equiv 1 \pmod{2 \cdot p^{k}} \tag{6.2-108}$$

we have:

$$a^{h} \equiv 1 \pmod{p^{k}} \tag{6.2-109}$$

because $a$ is odd and so we must have $p^{k} \mid (a^{h}-1)$ if $2 \cdot p^{k} \mid (a^{h}-1)$. Since $a$ is a primitive root of $p^{k}$, we then have $\phi(p^{k}) \mid h$. Therefore we have both $h \mid \phi(p^{k})$ and $\phi(p^{k}) \mid h$, and so:

$$h = \phi(p^{k}) = \phi(2 \cdot p^{k}) \tag{6.2-110}$$

Therefore $a$ is a primitive root of $p^{k}$ and $2 \cdot p^{k}$ if $a$ is an odd integer.

If $a$ is an even integer, $\gcd(a, 2 \cdot p^{k}) \ne 1$, and so $a$ cannot be a primitive root of $2 \cdot p^{k}$. However $a + p^{k}$ will be an odd integer, and will be a primitive root of $p^{k}$ since $a$ is a primitive root of $p^{k}$ and:

$$a + p^{k} \equiv a \pmod{p^{k}} \tag{6.2-111}$$

Following the same steps as above, we see that $a + p^{k}$ will then also be a primitive root of $2 \cdot p^{k}$. ∎


Example 6.2-18 


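2 is a primitive root of $3^{2}$ as shown in Example 6.2-16. Show that either $2$ or $2+3^{2}$ is a primitive root of $2 \cdot 3^{2}$.

Solution:

We have $\phi(2 \cdot 3^{2}) = \phi(18) = 6$.

If 2 is a primitive root of $2 \cdot 3^{2}$, we should have:

$2^{\phi(18)} = 2^{6} \equiv 1 \pmod{2 \cdot 3^{2}}$

Testing this we find:

$2^{\phi(18)} = 2^{6} = 64 \equiv 10 \not\equiv 1 \pmod{2 \cdot 3^{2}}$

This is not surprising since $\gcd(2, 2 \cdot 3^{2}) \ne 1$, and so Euler’s theorem (Proposition 4.5-1) does not apply.

Testing $2 + 3^{2} = 11$, we find:

$11^{1} = 11 \equiv 11 \pmod{2 \cdot 3^{2}}$

$11^{2} = 121 \equiv 13 \pmod{2 \cdot 3^{2}}$

$11^{3} = 1331 \equiv 17 \pmod{2 \cdot 3^{2}}$

$11^{4} = 7986 \equiv 12 \pmod{2 \cdot 3^{2}}$

$11^{5} = 161051 \equiv 5 \pmod{2 \cdot 3^{2}}$

$11^{6} = 11^{\phi(18)} = 1771561 \equiv 1 \pmod{2 \cdot 3^{2}}$

and so $2 + 3^{2}$ is a primitive root of $2 \cdot 3^{2}$.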


If $m \ge 2$, then $m$ will have a primitive root if and only if $m = 2$, $4$, $p^{k}$, or $2 \cdot p^{k}$, where $p$ is an odd prime number and $k \in \mathbb{N}$.

Proof:

Follows from Propositions 6.2-11, 6.2-13, 6.2-14, 6.2-15, 6.2-16, 6.2-17, 6.2-18, 6.2-19, 6.2-20, 6.2-21, and 6.2-22. ∎


Example 6.2-19 


Determine which of the following numbers has a primitive root:

1. 49

2. 36

3. 242

4. 162

Solution:

1. $49 = 7^{2} = p^{2}$ has a primitive root (Proposition 6.2-19).

2. $36 = 2^{2} \cdot 3^{2}$ has no primitive root (Proposition 6.2-17).

3. $242 = 2 \cdot 121 = 2 \cdot 11^{2} = 2 \cdot p^{k}$ has a primitive root (Proposition 6.2-22).

4. $162 = 2 \cdot 81 = 2 \cdot 3^{4} = 2 \cdot p^{k}$ has a primitive root (Proposition 6.2-22).
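The classification above can be checked mechanically. The following Python sketch is an added example, not code from the book; the function names are hypothetical. It decides from the shape of $m$ alone whether a primitive root exists, and compares that with a brute-force search over multiplicative orders, which also reproduces the order census of Example 6.2-13.

```python
from math import gcd


def factorize(n):
    """Trial-division factorisation of n >= 2: returns {prime: exponent}."""
    factors, d = {}, 2
    while d * d <= n:
        while n % d == 0:
            factors[d] = factors.get(d, 0) + 1
            n //= d
        d += 1
    if n > 1:
        factors[n] = factors.get(n, 0) + 1
    return factors


def phi(n):
    """Euler's phi-function computed from the prime factorisation."""
    result = n
    for p in factorize(n):
        result -= result // p
    return result


def order(a, m):
    """Multiplicative order of a modulo m; a must be coprime to m."""
    if gcd(a, m) != 1:
        raise ValueError("order is only defined when gcd(a, m) = 1")
    h, x = 1, a % m
    while x != 1:
        x = x * a % m
        h += 1
    return h


def has_primitive_root(m):
    """True iff m >= 2 has the form 2, 4, p^k or 2*p^k with p an odd prime."""
    if m in (2, 4):
        return True
    if m % 4 == 0:
        return False                 # 2^k with k >= 3, or 2^k * (odd) with k >= 2
    if m % 2 == 0:
        m //= 2                      # strip the single factor 2
    return m > 1 and len(factorize(m)) == 1   # what remains must be p^k


def primitive_roots(m):
    """Brute force: every unit a of order phi(m)."""
    target = phi(m)
    return [a for a in range(1, m) if gcd(a, m) == 1 and order(a, m) == target]


def order_census(p):
    """Group the residues 1..p-1 by their order modulo the prime p."""
    census = {}
    for a in range(1, p):
        census.setdefault(order(a, p), []).append(a)
    return census


if __name__ == "__main__":
    for m in (49, 36, 242, 162):     # the four moduli of Example 6.2-19
        print(m, has_primitive_root(m), primitive_roots(m)[:3])
    print(order_census(7))
```

When a primitive root exists, the brute-force list has exactly $\phi(\phi(m))$ entries, which for a prime modulus is the $\phi(p-1)$ count stated earlier.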


The following proposition can be used to test the primality of numbers (see Lucas 1878a; and Lehmer, 1927, 1928, 1935, 1936, 1949). This proposition is sometimes considered to be the converse of Fermat’s little theorem.

If we have:

$$a^{m-1} \equiv 1 \pmod{m}$$

$$a^{(m-1)/p_{i}} \not\equiv 1 \pmod{m}$$

for all prime numbers $p_{i}$ such that $p_{i} \mid (m-1)$ where $m \in \mathbb{N}$, then $m$ is a prime number.

Proof:

We are given:

$$a^{m-1} \equiv 1 \pmod{m} \tag{6.2-112}$$

$$a^{(m-1)/p_{i}} \not\equiv 1 \pmod{m} \tag{6.2-113}$$

We know from Proposition 6.1-1 and equation (6.2-112) that $\gcd(a,m)=1$. If we let $h = \operatorname{ord}_{m}(a)$, then we have $h \mid (m-1)$ from equation (6.2-112) and Proposition 6.1-3.

We will now consider the prime factorization of $m-1$. If for each prime factor $p_{i} \mid (m-1)$, equation (6.2-113) is valid, then we must have $h = m-1$. We also have from Proposition 6.1-4 that $h \mid \phi(m)$, and so $\phi(m) \ge m-1$. Therefore a primitive root $a$ of $m$ exists, and $m$ must be a prime number.

Conversely, if $m$ is a prime number, then by Proposition 6.2-11 there exists a primitive root $a$ of $m$ and so we have:

$$h = \operatorname{ord}_{m}(a) = m-1 \tag{6.2-114}$$

and equations (6.2-112) and (6.2-113) then apply for all $p_{i} \mid (m-1)$. ∎


Example 6.2-20 


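Test the primality of 23 using Proposition 6.2-24.

Solution:

We have $\phi(23) = 23-1 = 22$. Letting $a=2$, we have:

$2^{8} = 256 \equiv 3 \pmod{23}$

$2^{8} \cdot 2^{3} = 2^{11} \equiv 3 \cdot 8 = 24 \equiv 1 \pmod{23}$

$(2^{11})^{2} = 2^{22} \equiv 1^{2} = 1 \pmod{23}$

The prime factors of 22 are 2 and 11.

$2^{22/2} = 2^{11} \equiv 1 \pmod{23}$

$2^{22/11} = 2^{2} = 4 \not\equiv 1 \pmod{23}$

Since $2^{22/2} = 2^{11} \equiv 1 \pmod{23}$ the test for primality of 23 using $a=2$ is not decisive.

Letting $a=3$, we have:

$3^{7} = 2187 \equiv 2 \pmod{23}$

$(3^{7})^{3} = 3^{21} \equiv (2)^{3} = 8 \pmod{23}$

$3^{21} \cdot 3 = 3^{22} \equiv 8 \cdot 3 = 24 \equiv 1 \pmod{23}$

Using the prime factors of 22:

$3^{22/2} = 3^{11} = 3^{4} \cdot 3^{7} \equiv 8 \cdot 81 = 648 \equiv 4 \not\equiv 1 \pmod{23}$

$3^{22/11} = 3^{2} = 9 \not\equiv 1 \pmod{23}$

and so 23 is a prime number.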
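The test of Proposition 6.2-24 translates directly into code once the prime factors of $m-1$ are known. The sketch below is an added example, not taken from the book; the function names and the three verdict strings are hypothetical. It checks one base at a time and then searches bases in increasing order until one of them settles the question.

```python
def distinct_prime_factors(n):
    """Distinct primes dividing n, by trial division (adequate for small n)."""
    primes, d = [], 2
    while d * d <= n:
        if n % d == 0:
            primes.append(d)
            while n % d == 0:
                n //= d
        d += 1
    if n > 1:
        primes.append(n)
    return primes


def lucas_check(m, a):
    """Apply both conditions of the proposition to a single base 1 < a < m."""
    if pow(a, m - 1, m) != 1:
        # a^(m-1) is not 1 (mod m): by Fermat's little theorem (or because
        # gcd(a, m) > 1) the modulus cannot be prime.
        return "composite"
    for q in distinct_prime_factors(m - 1):
        if pow(a, (m - 1) // q, m) == 1:
            # ord_m(a) divides (m-1)/q, so this base proves nothing.
            return "inconclusive"
    return "prime"                   # ord_m(a) = m - 1, hence phi(m) = m - 1


def lucas_prove(m):
    """Return (is_prime, base), where base is the first base that decided."""
    if m < 2:
        return (False, None)
    if m == 2:
        return (True, None)
    for a in range(2, m):
        verdict = lucas_check(m, a)
        if verdict != "inconclusive":
            return (verdict == "prime", a)
    return (False, None)             # not reached: a composite m has a base sharing a factor


if __name__ == "__main__":
    # Constructed sample inputs: two primes, a semiprime and a Carmichael number.
    for m in (23, 97, 91, 561):
        print(m, lucas_prove(m))
```

The cost of the method sits in `distinct_prime_factors`: a complete factorization of $m-1$ is required, which is why the test is practical mainly for numbers where that factorization is easy.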


If p is an odd prime number and if 


where k=1, then 


Proof: 


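If $(p-1) \mid k$ we can write:

$$k = j \cdot (p-1) \tag{6.2-115}$$

Fermat's little theorem (Proposition 4.3-2) gives us:

$$a^{p-1} \equiv 1 \pmod{p} \tag{6.2-116}$$

for $a = 1, 2, 3, \ldots, p-1$. Therefore:

$$(a^{p-1})^{j} = a^{j \cdot (p-1)} \equiv 1 \pmod{p} \tag{6.2-117}$$

or

$$a^{k} \equiv 1 \pmod{p} \tag{6.2-118}$$

We then have:

$$S \equiv p-1 \equiv -1 \pmod{p} \quad \text{if } (p-1) \mid k \tag{6.2-119}$$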


If $(p-1) \nmid k$ we will let $g$ be a primitive root of $p$. This is possible since, from Proposition 6.2-11, we know that every prime number has a primitive root. We then have $\gcd(g, p)=1$ and


(6.2-120) 


(6.2-121) 


From Proposition 4.4-2, we know that the two residue systems $\{1, 2, 3, \ldots, (p-1)\}$ and $\{1 \cdot g, 2 \cdot g, 3 \cdot g, \ldots, (p-1) \cdot g\}$ are both congruent modulo $p$. Therefore:

$$S = \sum_{a=1}^{p-1} a^{k} \equiv \sum_{a=1}^{p-1} (a \cdot g)^{k} = g^{k} \cdot S \pmod{p} \tag{6.2-122}$$

or

$$(g^{k} - 1) \cdot S \equiv 0 \pmod{p} \tag{6.2-123}$$

From equation (6.2-121) we see that $p \nmid (g^{k} - 1)$. Therefore $p \mid S$ and so:


(6.2-124) 


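If $a^{k}$ is a primitive root of $m$, then $a$ is a primitive root of $m$.

Proof:

We are given:

$$\phi(m) = \operatorname{ord}_{m}(a^{k}) \tag{6.2-125}$$

From Proposition 6.1-11, we have:

$$\operatorname{ord}_{m}(a^{k}) = \frac{\operatorname{ord}_{m}(a)}{\gcd(k, \operatorname{ord}_{m}(a))} \tag{6.2-126}$$

and so:

$$\operatorname{ord}_{m}(a) \ge \operatorname{ord}_{m}(a^{k}) \tag{6.2-127}$$

From equation (6.2-127), we then have:

$$\operatorname{ord}_{m}(a) \ge \phi(m) \tag{6.2-128}$$

But $\operatorname{ord}_{m}(a)$ cannot be greater than $\phi(m)$, and so we obtain:

$$\operatorname{ord}_{m}(a) = \phi(m) \tag{6.2-129}$$

Therefore $a$ is a primitive root of $m$. ∎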


A least residue $a$ will be a primitive root modulo $m$ if and only if its multiplicative inverse $a^{-1}$ is a primitive root modulo $m$.

Proof:

From Proposition 6.1-18 we have:

$$\operatorname{ord}_{m}(a) = \operatorname{ord}_{m}(a^{-1}) \tag{6.2-130}$$

Therefore we will have:

$$\operatorname{ord}_{m}(a) = \phi(m) \tag{6.2-131}$$

if and only if:

$$\operatorname{ord}_{m}(a^{-1}) = \phi(m) \tag{6.2-132}$$


6.3. INDEX THEORY 


If $a$ is a primitive root of $m$ so that $\gcd(a,m)=1$ and

$$\operatorname{ord}_{m}(a) = \phi(m) \tag{6.3-1}$$

and if $b$ is a positive integer where $\gcd(b,m)=1$, then there exists a unique integer $k$ where $1 \le k \le \phi(m)$ such that:

$$a^{k} \equiv b \pmod{m} \tag{6.3-2}$$

Proof:

From Proposition 6.2-3, the least residues of all the powers of $a$ with exponent $\le \phi(m)$, $\{a, a^{2}, a^{3}, \ldots, a^{\phi(m)}\}$, constitute a reduced residue system. This means that for any positive integer $b$ where $\gcd(b,m)=1$, there must exist an $a^{k}$ such that:

$$a^{k} \equiv b \pmod{m} \tag{6.3-3}$$

for a unique value of $k$ where $1 \le k \le \phi(m)$. ∎


If $a$ is a primitive root of $m$, and if $\gcd(b,m)=1$ with $b \in \mathbb{N}$, then the unique integer $1 \le k \le \phi(m)$ in the equation:

$$a^{k} \equiv b \pmod{m} \tag{6.3-4}$$

is known as the index or discrete logarithm of $b$ relative to $a$. This is written as:

$$k = \operatorname{ind}_{a}(b) \tag{6.3-5}$$

where $a$ is the base of the index. If $a^{k} \equiv b \pmod{m}$ is solvable, $b$ is called the $k$’th power residue of $m$; if $a^{k} \equiv b \pmod{m}$ is not solvable, $b$ is called the $k$’th power nonresidue of $m$.

Using any base that satisfies equation (6.3-4), where $\gcd(b,m)=1$ and where $a$ is a primitive root of $m$, an index can be formed. This is similar to the common logarithm that can be calculated using different bases (for example, 10 or $e$).

Equation (6.3-4) can be written:

$$a^{\operatorname{ind}_{a}(b)} \equiv b \pmod{m} \tag{6.3-6}$$

or

$$b \equiv a^{\operatorname{ind}_{a}(b)} \pmod{m} \tag{6.3-7}$$

Equation (6.3-7) can be seen to be analogous to the following definition of logarithms to the base $a$: $b = a^{\log_{a}(b)}$. Since $1 \le k \le \phi(m)$ we have $1 \le \operatorname{ind}_{a}(b) \le \phi(m)$, and the index $k$ is the smallest positive integer that satisfies equation (6.3-4).


Example 6.3-1 


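5 is a primitive root of 7. Find the following: $\operatorname{ind}_{5}(1)$, $\operatorname{ind}_{5}(2)$, $\operatorname{ind}_{5}(3)$, $\operatorname{ind}_{5}(4)$, $\operatorname{ind}_{5}(5)$, $\operatorname{ind}_{5}(6)$ modulo 7.

Solution:

We have (see Table 6-1):

$5^{6} \equiv 1 \pmod{7}$

We then have for modulo 7:

$\operatorname{ind}_{5}(1) = 6$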




Index tables can be constructed to facilitate conversion from a number to its index, and from an index to the corresponding number. Using the information from Example 6.3-1, the two index tables for $5^{\operatorname{ind}_{5}(b)} \equiv b \pmod{7}$ are given in Tables 6-5 and 6-6.


Example 6.3-2 


5 is a primitive root of 7. Find the index $k$ of 18 such that $5^{k} \equiv 18 \pmod{7}$.

Solution:

We are given:

$5^{k} \equiv 18 \pmod{7}$

We first determine the least residue of 18 modulo 7:

$18 \equiv 4 \pmod{7}$

We are then looking for $k = \operatorname{ind}_{5}(4)$ such that:

$5^{k} \equiv 4 \pmod{7}$

From Table 6-6 we find:

$k = \operatorname{ind}_{5}(4) = 2$

Therefore:

$k = \operatorname{ind}_{5}(18) = 2$

and so 5 raised to the index 2 is congruent with 18 modulo 7:

$5^{2} = 25 \equiv 18 \pmod{7}$


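If $a$ is a primitive root of $m$, then $\operatorname{ind}_{a}(a) \equiv 1 \pmod{\phi(m)}$.

Proof:

We are given:

$$\operatorname{ord}_{m}(a) = \phi(m) \tag{6.3-8}$$

By definition of indices we also have:

$$a^{\operatorname{ind}_{a}(a)} \equiv a \pmod{m} \tag{6.3-9}$$

From Proposition 6.1-9, we then obtain:

$$\operatorname{ind}_{a}(a) \equiv 1 \pmod{\phi(m)} \tag{6.3-10}$$

∎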


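If $a$ is a primitive root of $m$, then $\operatorname{ind}_{a}(1) \equiv 0 \pmod{\phi(m)}$.

Proof:

We are given:

$$\operatorname{ord}_{m}(a) = \phi(m) \tag{6.3-11}$$

By definition of indices we have:

$$a^{\operatorname{ind}_{a}(1)} \equiv 1 \pmod{m} \tag{6.3-12}$$

We also have:

$$a^{0} \equiv 1 \pmod{m} \tag{6.3-13}$$

From equations (6.3-12) and (6.3-13):

$$a^{\operatorname{ind}_{a}(1)} \equiv a^{0} \pmod{m} \tag{6.3-14}$$

From Proposition 6.1-9, we then obtain:

$$\operatorname{ind}_{a}(1) \equiv 0 \pmod{\phi(m)} \tag{6.3-15}$$

∎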


If a is a primitive root of m where m>2, then: 


Proof: 
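From Euler’s theorem (Proposition 4.5-1) we have:

$$a^{\phi(m)} \equiv 1 \pmod{m} \tag{6.3-16}$$

Therefore we can write:

$$\left(a^{\phi(m)/2} - 1\right) \cdot \left(a^{\phi(m)/2} + 1\right) \equiv 0 \pmod{m} \tag{6.3-17}$$

and so we have either:

$$a^{\phi(m)/2} - 1 \equiv 0 \pmod{m} \tag{6.3-18}$$

or

$$a^{\phi(m)/2} + 1 \equiv 0 \pmod{m} \tag{6.3-19}$$

From equation (6.3-16) we know that equation (6.3-18) is not possible. Therefore we have:

$$a^{\phi(m)/2} \equiv -1 \pmod{m} \tag{6.3-20}$$

or

$$a^{\phi(m)/2} \equiv m-1 \pmod{m} \tag{6.3-21}$$

and so by definition of indices:

$$\operatorname{ind}_{a}(m-1) = \frac{\phi(m)}{2} \tag{6.3-22}$$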


If $a$ is a primitive root of $p$, where $p$ is an odd prime number, then:

$$\operatorname{ind}_{a}(p-1) = \frac{p-1}{2}$$

Proof:

Since $a$ is a primitive root of $p$, we have $\gcd(a, p)=1$. From Proposition 4.5-3 we then also have:

$$a^{(p-1)/2} \equiv -1 \equiv p-1 \pmod{p} \tag{6.3-23}$$

Therefore:

$$\operatorname{ind}_{a}(p-1) = \frac{p-1}{2} \tag{6.3-24}$$

∎

Note that this proposition also follows from Proposition 6.3-4.


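If $a$ is a primitive root of $m$, and if $b \equiv c \pmod{m}$, then:

$$\operatorname{ind}_{a}(b) = \operatorname{ind}_{a}(c)$$

Proof:

We are given:

$$\operatorname{ord}_{m}(a) = \phi(m) \tag{6.3-25}$$

Let

$$a^{k_{1}} \equiv b \pmod{m} \tag{6.3-26}$$

$$a^{k_{2}} \equiv c \pmod{m} \tag{6.3-27}$$

and so:

$$k_{1} = \operatorname{ind}_{a}(b) \tag{6.3-28}$$

$$k_{2} = \operatorname{ind}_{a}(c) \tag{6.3-29}$$

where $1 \le k_{1} \le \phi(m)$ and $1 \le k_{2} \le \phi(m)$. Since $b \equiv c \pmod{m}$, we have from equations (6.3-26) and (6.3-27):

$$a^{k_{1}} \equiv a^{k_{2}} \pmod{m} \tag{6.3-30}$$

From Proposition 6.1-9, we then obtain:

$$k_{1} \equiv k_{2} \pmod{\phi(m)} \tag{6.3-31}$$

and so $\phi(m) \mid (k_{1} - k_{2})$. However, this is not possible unless $k_{1} = k_{2}$ since $1 \le k_{1} \le \phi(m)$ and $1 \le k_{2} \le \phi(m)$. Therefore we have:

$$\operatorname{ind}_{a}(b) = \operatorname{ind}_{a}(c) \tag{6.3-32}$$

Proposition 6.3-6 makes it possible to determine the index of some integer $b$ modulo $m$ where $b>m$ by finding the index of some other integer congruent to $b$ modulo $m$ that is less than and relatively prime to $m$.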


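If $a$ is a primitive root of $m$, then:

$$\operatorname{ind}_{a}(b \cdot c) \equiv \operatorname{ind}_{a}(b) + \operatorname{ind}_{a}(c) \pmod{\phi(m)}$$

Proof:

We are given:

$$\operatorname{ord}_{m}(a) = \phi(m) \tag{6.3-33}$$

Let

$$k_{1} = \operatorname{ind}_{a}(b) \tag{6.3-34}$$

$$k_{2} = \operatorname{ind}_{a}(c) \tag{6.3-35}$$

Then we have:

$$a^{k_{1}} \equiv b \pmod{m} \tag{6.3-36}$$

$$a^{k_{2}} \equiv c \pmod{m} \tag{6.3-37}$$

and so:

$$a^{k_{1}} \cdot a^{k_{2}} \equiv b \cdot c \pmod{m} \tag{6.3-38}$$

or

$$a^{k_{1}+k_{2}} = a^{\operatorname{ind}_{a}(b) + \operatorname{ind}_{a}(c)} \equiv b \cdot c \pmod{m} \tag{6.3-39}$$

We also have:

$$a^{\operatorname{ind}_{a}(b \cdot c)} \equiv b \cdot c \pmod{m} \tag{6.3-40}$$

From equations (6.3-39) and (6.3-40), we obtain:

$$a^{\operatorname{ind}_{a}(b \cdot c)} \equiv a^{\operatorname{ind}_{a}(b) + \operatorname{ind}_{a}(c)} \pmod{m} \tag{6.3-41}$$

From Proposition 6.1-9, we then have:

$$\operatorname{ind}_{a}(b \cdot c) \equiv \operatorname{ind}_{a}(b) + \operatorname{ind}_{a}(c) \pmod{\phi(m)} \tag{6.3-42}$$

From this proposition and the next one, it can be seen that indices act similarly to logarithms. The primitive root corresponds to the base of the logarithm.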


Example 6.3-4 


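Find all solutions of $5 \cdot x \equiv 3 \pmod{7}$.

Solution:

Since $\gcd(5,7)=1$, from Proposition 5.1-2 we know there is exactly one solution of $5 \cdot x \equiv 3 \pmod{7}$. We have $\phi(7) = 7-1 = 6$. Using indices with 5 as a primitive root of 7, we can use Proposition 6.3-7 to write:

$\operatorname{ind}_{5}(5) + \operatorname{ind}_{5}(x) \equiv \operatorname{ind}_{5}(3) \pmod{6}$

or

$\operatorname{ind}_{5}(x) \equiv \operatorname{ind}_{5}(3) - \operatorname{ind}_{5}(5) \pmod{6}$

From Table 6-6 we have:

$\operatorname{ind}_{5}(x) \equiv 5 - 1 = 4 \pmod{6}$

and so using Table 6-5:

$x \equiv 2 \pmod{7}$

so that

$5 \cdot 2 = 10 \equiv 3 \pmod{7}$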


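If $a$ is a primitive root of $m$, $k \in \mathbb{N}$, and $a \equiv b \pmod{m}$, then:

$$\operatorname{ind}_{a}(b^{k}) \equiv k \cdot \operatorname{ind}_{a}(b) \pmod{\phi(m)}$$

Proof:

We are given:

$$\operatorname{ord}_{m}(a) = \phi(m) \tag{6.3-43}$$

We have by definition of indices:

$$a^{\operatorname{ind}_{a}(b)} \equiv b \pmod{m} \tag{6.3-44}$$

$$a^{\operatorname{ind}_{a}(b^{k})} \equiv b^{k} \pmod{m} \tag{6.3-45}$$

Raising equation (6.3-44) to the power $k$:

$$\left(a^{\operatorname{ind}_{a}(b)}\right)^{k} \equiv b^{k} \pmod{m} \tag{6.3-46}$$

or

$$a^{k \cdot \operatorname{ind}_{a}(b)} \equiv b^{k} \pmod{m} \tag{6.3-47}$$

From equations (6.3-45) and (6.3-47), we have:

$$a^{\operatorname{ind}_{a}(b^{k})} \equiv a^{k \cdot \operatorname{ind}_{a}(b)} \pmod{m} \tag{6.3-48}$$

From Proposition 6.1-9, we then obtain:

$$\operatorname{ind}_{a}(b^{k}) \equiv k \cdot \operatorname{ind}_{a}(b) \pmod{\phi(m)} \tag{6.3-49}$$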


Example 6.3-5 


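Find all solutions of $2 \cdot x^{3} \equiv 5 \pmod{7}$.

Solution:

First we need to select any primitive root of 7. We choose 3. To establish a table of indices, we calculate the congruences of powers of the primitive root 3 modulo 7:

$3^{1} \equiv 3 \pmod{7}$
$3^{2} \equiv 2 \pmod{7}$
$3^{3} \equiv 6 \pmod{7}$
$3^{4} \equiv 4 \pmod{7}$
$3^{5} \equiv 5 \pmod{7}$
$3^{6} \equiv 1 \pmod{7}$

A table of indices can now be created for $3^{\operatorname{ind}_{3}(b)} \equiv b \pmod{7}$ where $\operatorname{ind}_{3} b \le \phi(7) = 6$.

By taking indices of $2 \cdot x^{3} \equiv 5 \pmod{7}$ and using Proposition 6.1-9, we have:

$\operatorname{ind}_{3}(2 \cdot x^{3}) \equiv \operatorname{ind}_{3}(5) \pmod{\phi(7)}$

From Proposition 6.3-7 we can write:

$\operatorname{ind}_{3}(2) + \operatorname{ind}_{3}(x^{3}) \equiv \operatorname{ind}_{3}(5) \pmod{\phi(7)}$

and using Proposition 6.3-8:

$\operatorname{ind}_{3}(2) + 3 \cdot \operatorname{ind}_{3}(x) \equiv \operatorname{ind}_{3}(5) \pmod{6}$

and so from the above table of indices:

$2 + 3 \cdot \operatorname{ind}_{3}(x) \equiv 5 \pmod{6}$

or subtracting 2:

$3 \cdot \operatorname{ind}_{3}(x) \equiv 3 \pmod{6}$

so the solutions of this congruence (where $\operatorname{ind}_{3}(x)$ is the unknown) are:

$\operatorname{ind}_{3}(x) \equiv 1, 3, 5 \pmod{6}$

From the table of indices, we see that for indices 1, 3, 5 we have:

$x = 3, 6, 5$

We obtain as solutions of the congruence $2 \cdot x^{3} \equiv 5 \pmod{7}$:

$2 \cdot 3^{3} = 54 \equiv 5 \pmod{7}$

$2 \cdot 6^{3} = 432 \equiv 5 \pmod{7}$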


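If $a$ and $a'$ are both primitive roots of $m$, then:

$$\operatorname{ind}_{a}(b) \equiv \operatorname{ind}_{a}(a') \cdot \operatorname{ind}_{a'}(b) \pmod{\phi(m)}$$

Proof:

We have:

$$a^{\operatorname{ind}_{a}(b)} \equiv b \pmod{m} \tag{6.3-50}$$

$$a'^{\,\operatorname{ind}_{a'}(b)} \equiv b \pmod{m} \tag{6.3-51}$$

$$a^{\operatorname{ind}_{a}(a')} \equiv a' \pmod{m} \tag{6.3-52}$$

Let $k_{1} = \operatorname{ind}_{a}(b)$, $k_{1}' = \operatorname{ind}_{a'}(b)$, and $k_{2} = \operatorname{ind}_{a}(a')$. We then have:

$$a^{k_{1}} \equiv b \pmod{m} \tag{6.3-53}$$

$$a'^{\,k_{1}'} \equiv b \pmod{m} \tag{6.3-54}$$

$$a^{k_{2}} \equiv a' \pmod{m} \tag{6.3-55}$$

Therefore:

$$a^{k_{1}} \equiv a'^{\,k_{1}'} \pmod{m} \tag{6.3-56}$$

We can then write:

$$\left(a^{k_{2}}\right)^{k_{1}'} \equiv \left(a'\right)^{k_{1}'} \pmod{m} \tag{6.3-57}$$

or

$$\left(a^{k_{2}}\right)^{k_{1}'} \equiv a^{k_{1}} \pmod{m} \tag{6.3-58}$$

From equations (6.3-55) and (6.3-58), we have:

$$a^{k_{1}} \equiv a^{k_{2} \cdot k_{1}'} \pmod{m} \tag{6.3-59}$$

Using Proposition 6.1-9, we can write:

$$k_{1} \equiv k_{2} \cdot k_{1}' \pmod{\phi(m)} \tag{6.3-60}$$

or

$$\operatorname{ind}_{a}(b) \equiv \operatorname{ind}_{a}(a') \cdot \operatorname{ind}_{a'}(b) \pmod{\phi(m)} \tag{6.3-61}$$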


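If $m$ has a primitive root, and if $\gcd(b,m)=1$, then the congruence $x^{k} \equiv b \pmod{m}$ has a solution if and only if:

$$b^{\phi(m)/d} \equiv 1 \pmod{m} \tag{6.3-62}$$

where $d = \gcd(k, \phi(m))$; moreover, if $x^{k} \equiv b \pmod{m}$ has a solution, it will have exactly $d$ incongruent solutions modulo $m$.

Proof:

Let $a$ be a primitive root of $m$. Then we have:

$$\operatorname{ord}_{m}(a) = \phi(m) \tag{6.3-63}$$

We are given:

$$x^{k} \equiv b \pmod{m} \tag{6.3-64}$$

We can write:

$$a^{\operatorname{ind}_{a}(b)} \equiv b \pmod{m} \tag{6.3-65}$$

and

$$a^{\operatorname{ind}_{a}(x)} \equiv x \pmod{m} \tag{6.3-66}$$

Raising to the power $k$:

$$a^{k \cdot \operatorname{ind}_{a}(x)} \equiv x^{k} \pmod{m} \tag{6.3-67}$$

From equations (6.3-64), (6.3-65), and (6.3-67) we can write:

$$a^{k \cdot \operatorname{ind}_{a}(x)} \equiv a^{\operatorname{ind}_{a}(b)} \pmod{m} \tag{6.3-68}$$

From Proposition 6.1-9, we then have:

$$k \cdot \operatorname{ind}_{a}(x) \equiv \operatorname{ind}_{a}(b) \pmod{\phi(m)} \tag{6.3-69}$$

Let $d = \gcd(k, \phi(m))$. Equation (6.3-69) is a linear congruence with $\operatorname{ind}_{a}(x)$ as the unknown. From Proposition 5.1-1, we know that this congruence (and therefore $x^{k} \equiv b \pmod{m}$) is solvable if and only if $d \mid \operatorname{ind}_{a}(b)$. We also know from Proposition 5.1-3 that there will be $d$ incongruent solutions.

From Euler’s theorem (Proposition 4.5-1) we have:

$$a^{\phi(m)} \equiv 1 \pmod{m} \tag{6.3-70}$$

Using Euler’s theorem, we can write:

$$b^{\phi(m)/d} \equiv \left(a^{\operatorname{ind}_{a}(b)}\right)^{\phi(m)/d} = a^{\phi(m) \cdot \operatorname{ind}_{a}(b)/d} \equiv 1 \pmod{m} \tag{6.3-71}$$

Taking indices of equation (6.3-71) using Propositions 6.1-9 and 6.3-3, we have:

$$\frac{\phi(m)}{d} \cdot \operatorname{ind}_{a}(b) \equiv 0 \pmod{\phi(m)} \tag{6.3-72}$$

This is equivalent to:

$$\frac{\phi(m)}{d} \cdot \operatorname{ind}_{a}(b) = j \cdot \phi(m) \tag{6.3-73}$$

where $j$ is some integer. We then have:

$$\frac{\operatorname{ind}_{a}(b)}{d} = j \tag{6.3-74}$$

which requires $d \mid \operatorname{ind}_{a}(b)$. From equations (6.3-65) and (6.3-71) we have: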


(6.3-75) 


for

$$x^{k} \equiv b \pmod{m} \tag{6.3-76}$$

to have any solutions. ∎

Proposition 6.3-11

If $p$ is a prime number, and if $\gcd(b, p)=1$, then the congruence $x^{k} \equiv b \pmod{p}$ has a solution if and only if

$$b^{(p-1)/d} \equiv 1 \pmod{p}$$

where $d = \gcd(k, p-1)$; moreover, if $x^{k} \equiv b \pmod{p}$ has a solution, it will have exactly $d$ incongruent solutions modulo $p$.

Proof:

Follows from Propositions 6.2-11 and 6.3-10. ∎

Example 6.3-6

Find all solutions of $x^{3} \equiv 5 \pmod{7}$.

Solution:

$\phi(7) = 6$

$d = \gcd(k, \phi(m)) = \gcd(3, 6) = 3$

and so:

$b^{\phi(m)/d} = 5^{6/3} = 5^{2} = 25$

$25 \equiv 4 \not\equiv 1 \pmod{7}$

Therefore $x^{3} \equiv 5 \pmod{7}$ has no solutions.

Example 6.3-7

Find all solutions of $x^{4} \equiv 2 \pmod{7}$.

Solution:

$\phi(7) = 6$

$d = \gcd(k, \phi(m)) = \gcd(4, 6) = 2$

and so:

$b^{\phi(m)/d} = 2^{6/2} = 2^{3} = 8$

$8 \equiv 1 \pmod{7}$

Therefore $x^{4} \equiv 2 \pmod{7}$ has 2 solutions. Testing $\{1, 2, 3, 4, 5, 6\}$, we find:

$x = 2$: $2^{4} = 16 \equiv 2 \pmod{7}$

$x = 5$: $5^{4} = 625 \equiv 2 \pmod{7}$

Quadratic and Higher Order 
Congruences 


7.1 QUADRATIC CONGRUENCES WITH 
PRIME MODULI 


Congruences having the form:

$$A \cdot y^{2} + B \cdot y + C \equiv 0 \pmod{m} \tag{7.1-1}$$

are general quadratic congruences. An integer $y$ that satisfies equation (7.1-1) is considered a solution of the congruence. By convention, quadratic congruence solutions that belong to the same residue class (are congruent) are not considered to be distinct solutions. Solutions of quadratic congruences are square roots. It is possible in congruence theory for a number to have more than two distinct square roots.

In this Section we will consider criteria for the existence of solutions of quadratic congruences. For the most part we will focus on congruences having prime moduli.

Quadratic congruences can all be simplified into the form $x^{2} \equiv r \pmod{m}$ by completing the square. This process is easiest when $\gcd(4 \cdot A, m)=1$ since we then can multiply equation (7.1-1) by $4 \cdot A$ without changing the modulus $m$.


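If $\gcd(4 \cdot A, m)=1$ then all solutions of the congruence $A \cdot y^{2} + B \cdot y + C \equiv 0 \pmod{m}$ can be found by solving

Proof:

By multiplying $A \cdot y^{2} + B \cdot y + C \equiv 0 \pmod{m}$ by $4 \cdot A$ and then adding $B^{2} - 4 \cdot A \cdot C$ to both sides of the equation, we have:

$$4 \cdot A^{2} \cdot y^{2} + 4 \cdot A \cdot B \cdot y + B^{2} \equiv B^{2} - 4 \cdot A \cdot C \pmod{m} \tag{7.1-2}$$

or

$$(2 \cdot A \cdot y + B)^{2} \equiv r \pmod{m} \tag{7.1-3}$$

where

$$r = B^{2} - 4 \cdot A \cdot C \tag{7.1-4}$$

Letting:

$$x = 2 \cdot A \cdot y + B \tag{7.1-5}$$

we obtain:

$$x^{2} \equiv r \pmod{m} \qquad 0 \le r < m \tag{7.1-6}$$

∎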


The congruences given in equations (7.1-1) and (7.1-6) are equivalent, being simply different forms of the same congruence, and so they are either both solvable or neither is solvable. If they are both solvable, their solutions are related by equation (7.1-5). Therefore, to solve a quadratic congruence having the form of equation (7.1-1) where $\gcd(4 \cdot A, m)=1$, it is always sufficient to solve an equivalent congruence having the form of equation (7.1-6).


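Example 7.1-1

Reduce the congruence $2 \cdot y^2 + 7 \cdot y + 5 \equiv 0 \pmod{11}$ to a congruence having the form $x^2 \equiv r \pmod{11}$.

Solution:

The congruence $2 \cdot y^2 + 7 \cdot y + 5 \equiv 0 \pmod{11}$ has the form:

$$A \cdot y^2 + B \cdot y + C \equiv 0 \pmod{m}$$

From Proposition 7.1-1 we have:

$$r = B^2 - 4 \cdot A \cdot C = 49 - 4 \cdot 2 \cdot 5 = 9$$

and so:

$$x^2 \equiv 9 \pmod{11}$$

where:

$$x = 2 \cdot A \cdot y + B = 2 \cdot 2 \cdot y + 7 = 4 \cdot y + 7$$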


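If $\gcd(A, m) = 1$ then all solutions of the congruence $A \cdot y^2 + B \cdot y + C \equiv 0 \pmod{m}$ can be found by solving $x^2 \equiv r \pmod{4 \cdot A \cdot m}$ where $r = B^2 - 4 \cdot A \cdot C$ and where $x = 2 \cdot A \cdot y + B$.

Proof:
Since $A \cdot y^2 + B \cdot y + C$ is divisible by m, multiplying $A \cdot y^2 + B \cdot y + C \equiv 0 \pmod{m}$ by $4 \cdot A$ and adding $B^2 - 4 \cdot A \cdot C$ to both sides of the equation, we have:

$$4 \cdot A^2 \cdot y^2 + 4 \cdot A \cdot B \cdot y + B^2 \equiv B^2 - 4 \cdot A \cdot C \pmod{4 \cdot A \cdot m} \tag{7.1-7}$$

or

$$(2 \cdot A \cdot y + B)^2 \equiv r \pmod{4 \cdot A \cdot m} \tag{7.1-8}$$

where

$$r = B^2 - 4 \cdot A \cdot C \tag{7.1-9}$$

Letting:

$$x = 2 \cdot A \cdot y + B \tag{7.1-10}$$

we obtain:

$$x^2 \equiv r \pmod{4 \cdot A \cdot m} \qquad 0 < r < 4 \cdot A \cdot m \tag{7.1-11}$$
∎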


Example 7.1-2

Show that the square of every even integer x is congruent to 0 modulo 4.

Solution:

Since x is even, we can write x in the form:

$$x = 2 \cdot k \qquad (k \in \mathbb{Z})$$

We then have:

$$x^2 = 4 \cdot k^2 \equiv 0 \pmod{4}$$

which is a valid congruence.


7.1.1 DEFINITION OF QUADRATIC RESIDUES AND 
NONRESIDUES 

If a quadratic congruence $x^2 \equiv r \pmod{m}$ is solvable, it means that r is congruent to some $x^2$ modulo m where $0 < r < m$. Therefore r is a perfect square modulo m. If $\gcd(r, m) = 1$ and if $x^2 \equiv r \pmod{m}$ is solvable, then r is called a quadratic residue modulo m (see Table 7-1). From equation (7.1-4) we see that if r is a quadratic residue of m, then $B^2 - 4 \cdot A \cdot C$ must be a quadratic residue of m. Since r is relatively prime to m, so must x be. Therefore all quadratic residues modulo m can be found by squaring only those elements of a reduced residue system modulo m.

If no integer x exists such that a quadratic congruence $x^2 \equiv r \pmod{m}$ is solvable, then r is called a quadratic nonresidue modulo m. Therefore r is not a perfect square modulo m. Note that 0 is not a quadratic residue of m since $\gcd(0, m) = m \neq 1$, although $x^2 \equiv r \pmod{m}$ is solvable with x=0. Also note that if $\gcd(a, m) \neq 1$, then a is not classified as either a quadratic residue or as a quadratic nonresidue modulo m. If $b \equiv r \pmod{m}$, then b is a quadratic residue modulo m only if r is a quadratic residue modulo m.


Table 7-1 Quadratic residues for odd prime moduli < 23. [Table columns: Modulus, Quadratic Residue]


Example 7.1-3

Is the quadratic congruence $x^2 \equiv 6 \pmod{11}$ solvable?

Solution:

Since the modulus is small, the solvability of $x^2 \equiv 6 \pmod{11}$ can be checked by testing the numbers relatively prime to 11 {1,2,3,4,5,6,7,8,9,10} to determine their quadratic residues modulo 11.

$10^2 = 100 \equiv 1 \pmod{11}$

We see that the quadratic residues modulo 11 are {1,3,4,5,9} and so 6 is not congruent to any square modulo 11. The quadratic congruence $x^2 \equiv 6 \pmod{11}$ is, therefore, not solvable. This means that 6 is a quadratic nonresidue modulo 11.


Example 7.1-4

Determine the quadratic residues and quadratic nonresidues for $x^2 \equiv r \pmod{11}$.

Solution:

From Example 7.1-3, we have:

x:           1  2  3  4  5  6  7  8  9  10
x^2 mod 11:  1  4  9  5  3  3  5  9  4  1

The quadratic residues modulo 11 are then:
{1,3,4,5,9}

and so the quadratic nonresidues modulo 11 are:
{2,6,7,8,10}


If p is an odd prime number and $\gcd(A, p) = 1$, then $A \cdot y^2 + B \cdot y + C \equiv 0 \pmod{p}$ has:

2 solutions if $B^2 - 4 \cdot A \cdot C$ is a quadratic residue modulo p
1 solution if $B^2 - 4 \cdot A \cdot C$ is congruent to 0
0 solutions if $B^2 - 4 \cdot A \cdot C$ is a quadratic nonresidue modulo p

Proof:
Since p is an odd prime number and $\gcd(A, p) = 1$, we have $\gcd(4 \cdot A, p) = 1$. From Proposition 7.1-1 we then can write the congruence $A \cdot y^2 + B \cdot y + C \equiv 0 \pmod{p}$ in the form:

$$x^2 \equiv r \pmod{p} \qquad 0 < r < p \tag{7.1-12}$$

where

$$r = B^2 - 4 \cdot A \cdot C \tag{7.1-13}$$

If r is a quadratic residue modulo p, we see from Proposition 6.2-7 that $x^2 \equiv r \pmod{p}$ will have exactly 2 incongruent solutions since p is an odd prime number and $2 \mid (p-1)$.

If r is congruent to 0 modulo p, then $x^2$ is congruent to zero, and so $x^2 \equiv r \pmod{p}$ will have exactly 1 solution.

If r is a quadratic nonresidue modulo p, then by definition $x^2 \equiv r \pmod{p}$ will have no solutions. ∎


If p is a prime number, then $x^2 \equiv a^2 \pmod{p}$ if and only if $x \equiv \pm a \pmod{p}$.

Proof:
If we have:

$$x \equiv \pm a \pmod{p} \tag{7.1-14}$$

we can multiply the congruence by itself to obtain:

$$x^2 \equiv a^2 \pmod{p} \tag{7.1-15}$$

Conversely, if we have:

$$x^2 \equiv a^2 \pmod{p} \tag{7.1-16}$$

then $p \mid (x^2 - a^2)$ or $p \mid (x-a) \cdot (x+a)$. From Euclid's lemma (Proposition 2.4-1), we have $p \mid (x-a)$ or $p \mid (x+a)$, and so:

$$x - a \equiv 0 \pmod{p} \tag{7.1-17}$$

or

$$x + a \equiv 0 \pmod{p} \tag{7.1-18}$$

Therefore

$$x \equiv \pm a \pmod{p} \tag{7.1-19}$$
∎

Note that if p is not a prime number, then Proposition 7.1-4 is not necessarily true (see Examples 7.1-5 and 7.1-6).


No, since 14 is a composite number. There are 4 solutions of
$x^2 \equiv 36 \pmod{14}$:


XmtO and x= is 


Example 7.1-7

Find all solutions of $x^2 - 4 \cdot x \equiv 0 \pmod{21}$.

Solution:

We note that this congruence can be factored in two different ways:

$$x \cdot (x - 4) \equiv 0 \pmod{21}$$

and

$$(x - 7) \cdot (x + 3) = x^2 - 4 \cdot x - 21 \equiv x^2 - 4 \cdot x \equiv 0 \pmod{21}$$

There are then four distinct solutions of the congruence $x^2 - 4 \cdot x \equiv 0 \pmod{21}$: x = -3, 0, 4, 7 or x = 0, 4, 7, 18


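Example 7.1-8

Find all solutions of $2 \cdot y^2 + 5 \cdot y + 2 \equiv 0 \pmod{11}$.

Solution:

This congruence has the form:

$$A \cdot y^2 + B \cdot y + C \equiv 0 \pmod{m}$$

From Proposition 7.1-1 we have:

$$r = B^2 - 4 \cdot A \cdot C = 5^2 - 4 \cdot 2 \cdot 2 = 9$$
$$x = 2 \cdot A \cdot y + B = 2 \cdot 2 \cdot y + 5 = 4 \cdot y + 5$$

and so we obtain:

$$x^2 \equiv 9 \pmod{11}$$

From Proposition 7.1-4, $x \equiv \pm 3 \pmod{11}$, and so:

$x \equiv 3 \pmod{11}$ and $x \equiv -3 \equiv 8 \pmod{11}$

or

$4 \cdot y + 5 \equiv 3 \pmod{11}$ and $4 \cdot y + 5 \equiv 8 \pmod{11}$

We then have:

$4 \cdot y \equiv -2 \equiv 9 \pmod{11}$ and $4 \cdot y \equiv 3 \pmod{11}$

Therefore the solutions are:

y = 5 and y = 9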


Example 7.1-9

Find all solutions of $3 \cdot y^2 + 7 \cdot y + 3 \equiv 0 \pmod{11}$.

Solution:

From Proposition 7.1-1 we have:

$$r = B^2 - 4 \cdot A \cdot C = 7^2 - 4 \cdot 3 \cdot 3 = 13$$
$$x^2 \equiv 13 \equiv 2 \pmod{11}$$


If p is an odd prime number and if $0 < x < p$, then $x^2 \equiv 1 \pmod{p}$ if and only if x = 1 or x = p-1.

Proof:
If x = 1, we have:

$$x^2 = 1 \equiv 1 \pmod{p} \tag{7.1-20}$$

If x = p-1, we have:

$$x^2 = (p-1)^2 \equiv 1 \pmod{p} \tag{7.1-21}$$

Conversely, if $x^2 \equiv 1 \pmod{p}$, then:

$$p \mid (x^2 - 1) \tag{7.1-22}$$

or

$$p \mid (x-1) \cdot (x+1) \tag{7.1-23}$$

and since p is a prime number, from Euclid's lemma (Proposition 2.4-1) we have:

$$p \mid (x-1) \tag{7.1-24}$$

or

$$p \mid (x+1) \tag{7.1-25}$$

Since $0 < x < p$, if $p \mid (x-1)$ then we must have x = 1; if $p \mid (x+1)$ then we must have x = p-1. ∎


From Propositions 4.1-18 and 7.1-5 we see that: 


x° =xex' =1(mod p) (7.1-26) 


7.1.2 EXISTENCE OF QUADRATIC RESIDUES 


If p is an odd prime number and $\gcd(a, p) = 1$, then the congruence $x^2 \equiv a \pmod{p}$ has either no solutions or exactly two distinct solutions. If $x_1$ is one solution, then $p - x_1$ is the second incongruent solution.

Proof:
Since $\gcd(a, p) = 1$, we have $a \neq 0$. From Lagrange's theorem (Proposition 6.2-5), we know that the congruence

$$x^2 \equiv a \pmod{p} \tag{7.1-27}$$

has at most two solutions.

If a is a quadratic nonresidue modulo p, then equation (7.1-27) has no solution, and the proposition is true.

If a is a quadratic residue modulo p, we know that equation (7.1-27) has at least one solution. Let this solution be $x = x_1$. We then have:

$$x_1^2 \equiv a \pmod{p} \tag{7.1-28}$$

But if $x_1$ is a solution, then so is $p - x_1$:

$$(p - x_1)^2 = p^2 - 2 \cdot x_1 \cdot p + x_1^2 \equiv x_1^2 \pmod{p} \tag{7.1-29}$$

Moreover, the two solutions $x_1$ and $p - x_1$ are incongruent solutions of $x^2 \equiv a \pmod{p}$. To see this, we assume the contrary: that they are congruent solutions of $x^2 \equiv a \pmod{p}$.

$$x_1 \equiv p - x_1 \pmod{p} \tag{7.1-30}$$

or

$$x_1 \equiv -x_1 \pmod{p} \tag{7.1-31}$$

Then

$$2 \cdot x_1 \equiv 0 \pmod{p} \tag{7.1-32}$$

Since p is an odd prime number:

$$\gcd(2, p) = 1 \tag{7.1-33}$$

We can then divide equation (7.1-32) by 2:

$$x_1 \equiv 0 \pmod{p} \tag{7.1-34}$$

and

$$x_1^2 \equiv 0 \pmod{p} \tag{7.1-35}$$

Then a = 0 in $x^2 \equiv a \pmod{p}$ and so contrary to our original proposition, we have $\gcd(a, p) = \gcd(0, p) = p \neq 1$.

Therefore $x_1$ and $p - x_1$ must both be incongruent (distinct) solutions of $x^2 \equiv a \pmod{p}$. We can conclude that if $x^2 \equiv a \pmod{p}$ has one solution $x_1$, it has exactly two distinct solutions $x_1$ and $p - x_1$. ∎


Example 7.1-10

Show that $x^2 \equiv 5 \pmod{11}$ has two solutions.

Solution:
x = 4 and x = 11 - 4 = 7 are both solutions.

$16 \equiv 5 \pmod{11}$

$49 \equiv 5 \pmod{11}$

Example 7.1-11

Show that $x^2 \equiv 1 \pmod{2}$ does not have two solutions.

Solution:

x = 1 is one solution, but x = 2 - 1 = 1 is not a distinct solution; it is the same solution. Note that 2 is not an odd prime number and so Proposition 7.1-6 does not apply.

Example 7.1-12

Show that $x^2 \equiv 1 \pmod{8}$ has more than two solutions.

Solution:
$1^2 = 1 \equiv 1 \pmod{8}$
$2^2 = 4 \not\equiv 1 \pmod{8}$
$3^2 = 9 \equiv 1 \pmod{8}$

The solutions are 1, 3, 5, and 7. Note that 8 is not an odd prime number and so Proposition 7.1-6 does not apply.


Every odd prime number p has exactly (p-1)/2 quadratic residues and exactly (p-1)/2 quadratic nonresidues.

Proof:
To determine the number of quadratic residues that exist for any given odd prime number p, we can compute the least positive residues modulo p for the squares of the integers 1, 2, 3, ..., (p-1) in the reduced residue system modulo p. The total number of least positive residues in the reduced residue system modulo p is then p-1.

We know from Proposition 7.1-6, however, that each quadratic residue must be the square of two distinct elements of the reduced residue system modulo p. This means that the number of quadratic residues that exist for any given odd prime number p is exactly (p-1)/2. It follows then that the number of quadratic nonresidues that exist for any given odd prime number p is exactly (p-1)/2. ∎


Example 7.1-13 


Verify Proposition 7.1-7 for p=11. 


Solution: 


From Example 7.1-3 we have: 


Since it can be difficult to find the solutions of a quadratic congruence $x^2 \equiv a \pmod{p}$, it is useful to have a method that at least indicates whether solutions of the quadratic congruence exist for a given residue a. In 1784 Euler published a method for determining if an integer is a quadratic residue of an odd prime number. His method is now known as Euler's criterion.

If p is an odd prime number, and if $\gcd(a, p) = 1$, then a is a quadratic residue of p if and only if $a^{(p-1)/2} \equiv 1 \pmod{p}$.

Proof:
If a is a quadratic residue of p then:

$$x^2 \equiv a \pmod{p} \tag{7.1-36}$$

has some solution b so $b^2 \equiv a \pmod{p}$. Note that $a \neq 0$ since $\gcd(0, p) = p \neq 1$. Since $\gcd(a, p) = 1$, we know from Proposition 3.3-4 that we have $\gcd(b, p) = 1$. From Fermat's little theorem (Proposition 4.3-2), we obtain:

$$b^{p-1} \equiv 1 \pmod{p} \tag{7.1-37}$$

We can then write:

$$(b^2)^{(p-1)/2} \equiv 1 \pmod{p} \tag{7.1-38}$$

or, since a is congruent to $b^2$:

$$a^{(p-1)/2} \equiv 1 \pmod{p} \tag{7.1-39}$$

Conversely, let

$$a^{(p-1)/2} \equiv 1 \pmod{p} \tag{7.1-40}$$

We know from Proposition 6.2-11 that p has a primitive root. Letting c be a primitive root of p, we have:

$$c^k \equiv a \pmod{p} \tag{7.1-41}$$

for some positive integer k, where $1 \le k \le p-1$. Raising equation (7.1-41) to the (p-1)/2 power, we have:

$$c^{k \cdot (p-1)/2} \equiv a^{(p-1)/2} \pmod{p} \tag{7.1-42}$$

From equations (7.1-42) and (7.1-40), then:

$$c^{k \cdot (p-1)/2} \equiv 1 \pmod{p} \tag{7.1-43}$$

Since c is a primitive root of p, we have:

$$\operatorname{ord}_p(c) = p - 1 \tag{7.1-44}$$

and so $(p-1) \mid k \cdot (p-1)/2$. Therefore k must be an even integer and we can let $k = 2 \cdot j$. We then have from equation (7.1-41):
(7.1-45)

and so a is a quadratic residue of p. This proposition is known as Euler's criterion. ∎


Example 7.1-14

Determine if 5 is a quadratic residue of 11.

Solution:
From Euler's criterion (Proposition 7.1-8), we have:

$$5^{(11-1)/2} = 5^5 = 3125 \equiv 1 \pmod{11}$$

Therefore, by Euler's criterion, 5 is a quadratic residue of 11. In fact we have $4^2 = 16 \equiv 5 \pmod{11}$.

Example 7.1-15

If p is an odd prime number, show that p-1 is a quadratic residue of p only if $p \equiv 1 \pmod{4}$.

Solution:

From Euler's criterion (Proposition 7.1-8), we have:

$$(p-1)^{(p-1)/2} \equiv (-1)^{(p-1)/2} \equiv 1 \pmod{p}$$

But this congruence will be valid only if (p-1)/2 is even. We must then have:

$$\frac{p-1}{2} = 2 \cdot k$$

where k is some integer. Therefore:

$$p = 1 + 4 \cdot k$$

or

$$p \equiv 1 \pmod{4}$$


If p is an odd prime number, and if $\gcd(a, p) = 1$, then a is a quadratic nonresidue of p if and only if $a^{(p-1)/2} \equiv -1 \pmod{p}$.

Proof:
Let a be a quadratic nonresidue of p. From Euler's criterion (Proposition 7.1-8) we then have:

$$a^{(p-1)/2} \not\equiv 1 \pmod{p} \tag{7.1-46}$$

From Fermat's little theorem (Proposition 4.3-2), we have:

$$a^{p-1} \equiv 1 \pmod{p} \tag{7.1-47}$$

or, since p is odd, p-1 is even, and we can write:

$$a^{p-1} - 1 = (a^{(p-1)/2} - 1) \cdot (a^{(p-1)/2} + 1) \equiv 0 \pmod{p} \tag{7.1-48}$$

Therefore we have either:

(7.1-49)

or

(7.1-50)

But from equation (7.1-46) we know that equation (7.1-50) is not possible. Therefore if a is a quadratic nonresidue, we must have $a^{(p-1)/2} \equiv -1 \pmod{p}$.

Conversely, if

$$a^{(p-1)/2} \equiv -1 \pmod{p} \tag{7.1-51}$$

then we cannot have:

$$a^{(p-1)/2} \equiv 1 \pmod{p} \tag{7.1-52}$$

If both equations (7.1-51) and (7.1-52) were true, we would have:

$$1 \equiv -1 \pmod{p} \tag{7.1-53}$$

or

$$2 \equiv 0 \pmod{p} \tag{7.1-54}$$

which is impossible since p is an odd prime. Therefore, if $a^{(p-1)/2} \equiv -1 \pmod{p}$, then a must be a quadratic nonresidue. ∎


If p is an odd prime number, and if $\gcd(a, p) = 1$, then a is a quadratic residue or nonresidue of p depending on whether $a^{(p-1)/2} \equiv 1 \pmod{p}$ or $a^{(p-1)/2} \equiv -1 \pmod{p}$, respectively.

Proof:
Follows from Propositions 7.1-8 and 7.1-9. ∎

If p is an odd prime number, then every primitive root of p is a quadratic nonresidue.

Proof:
Let a be any primitive root of p. We then have:

$$a^{p-1} \equiv 1 \pmod{p} \tag{7.1-55}$$

and we can write:

$$a^{p-1} - 1 = (a^{(p-1)/2} - 1) \cdot (a^{(p-1)/2} + 1) \equiv 0 \pmod{p} \tag{7.1-56}$$

Therefore we have either:

$$a^{(p-1)/2} \equiv 1 \pmod{p} \tag{7.1-57}$$

or

$$a^{(p-1)/2} \equiv -1 \pmod{p} \tag{7.1-58}$$

Comparing equations (7.1-55) and (7.1-57), it is clear that equation (7.1-57) is not possible. Therefore we have equation (7.1-58), and so every primitive root of an odd prime number p is a quadratic nonresidue. ∎


7.1.3 FINDING SOLUTIONS OF QUADRATIC 
CONGRUENCES 
Although Euler's criterion (Proposition 7.1-8) tells us whether a quadratic congruence has solutions for a given residue, it does not tell us how to find the solutions if they exist. The following proposition and examples provide some methods for finding solutions of quadratic congruences.

If p is an odd prime number and $\gcd(a, p) = 1$, and if solutions of $x^2 \equiv a \pmod{p}$ exist, then:

$$x \equiv \pm a^{(p+1)/4} \pmod{p}$$

Proof:
If solutions of $x^2 \equiv a \pmod{p}$ exist, from Euler's criterion (Proposition 7.1-8) we have:

$$a^{(p-1)/2} \equiv 1 \pmod{p} \tag{7.1-59}$$

Multiplying by a:

$$a^{(p-1)/2} \cdot a \equiv a \pmod{p} \tag{7.1-60}$$

or

$$a^{(p+1)/2} \equiv a \pmod{p} \tag{7.1-61}$$

and so:

$$\left(a^{(p+1)/4}\right)^2 \equiv a \pmod{p} \tag{7.1-62}$$

Comparing this equation with $x^2 \equiv a \pmod{p}$, we have:

$$x \equiv \pm a^{(p+1)/4} \pmod{p} \tag{7.1-63}$$


or 

$$x \equiv \pm 5^3 \pmod{11}$$

Therefore:

$$x^2 \equiv 5^6 \equiv 5 \pmod{11}$$

and so:

$$5^5 \equiv 1 \pmod{11}$$

or

$$3125 - 1 \equiv 0 \pmod{11}$$

Since $11 \mid 3124$, this is a valid congruence (see Example 7.1-14). Therefore $x \equiv \pm 5^3 \pmod{11}$.
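The following added example (not part of the original text) chains the three results above: completing the square (Proposition 7.1-1), Euler's criterion (Proposition 7.1-8) and the root formula $x \equiv \pm a^{(p+1)/4} \pmod{p}$. The function names are this example's own, and it assumes a prime modulus with $p \equiv 3 \pmod{4}$, since only then is (p+1)/4 an integer exponent.

```python
"""Solve A*y^2 + B*y + C ≡ 0 (mod p) for a prime p ≡ 3 (mod 4)."""


def euler_criterion(a, p):
    """Euler's criterion for an odd prime p.

    Returns 1 if a is a quadratic residue of p, -1 if it is a
    nonresidue, and 0 if p divides a.
    """
    t = pow(a % p, (p - 1) // 2, p)
    return -1 if t == p - 1 else t


def sqrt_mod_p(a, p):
    """Sorted list of all x in [0, p) with x^2 ≡ a (mod p)."""
    if p % 4 != 3:
        # For p ≡ 1 (mod 4), e.g. p = 61, (p + 1)/4 is not an integer
        # and the closed-form root below does not apply.
        raise ValueError("x = ±a^((p+1)/4) requires p ≡ 3 (mod 4)")
    a %= p
    if a == 0:
        return [0]                      # single solution x ≡ 0
    if euler_criterion(a, p) != 1:
        return []                       # nonresidue: no solutions
    x = pow(a, (p + 1) // 4, p)         # one root; the other is p - x
    return sorted({x, p - x})


def solve_quadratic(A, B, C, p):
    """Sorted list of all y in [0, p) with A*y^2 + B*y + C ≡ 0 (mod p)."""
    if A % p == 0:
        raise ValueError("need gcd(A, p) = 1")
    r = (B * B - 4 * A * C) % p         # r = B^2 - 4AC
    inv_2A = pow(2 * A, -1, p)          # inverse of 2A mod p (Python 3.8+)
    # Undo the substitution x = 2*A*y + B for every root x of x^2 ≡ r.
    return sorted({(x - B) * inv_2A % p for x in sqrt_mod_p(r, p)})


def quadratic_residues(p):
    """Quadratic residues of the odd prime p, found with Euler's criterion."""
    return [a for a in range(1, p) if euler_criterion(a, p) == 1]


if __name__ == "__main__":
    print("residues mod 11:", quadratic_residues(11))
    print("x^2 ≡ 5 (mod 11):", sqrt_mod_p(5, 11))
    print("x^2 ≡ 5 (mod 31):", sqrt_mod_p(5, 31))
    print("2y^2+5y+2 ≡ 0 (mod 11):", solve_quadratic(2, 5, 2, 11))
    print("3y^2+7y+3 ≡ 0 (mod 11):", solve_quadratic(3, 7, 3, 11))
```

The results agree with Examples 7.1-8, 7.1-10 and 7.1-18; a modulus such as 61 is rejected because $61 \equiv 1 \pmod{4}$.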


Example 7.1-18

Find all solutions of $x^2 \equiv 5 \pmod{31}$.

Solution:

From Euler's criterion (Proposition 7.1-8), we have:

$$5^{(31-1)/2} = 5^{15} = (5^3)^5 \equiv 1^5 \equiv 1 \pmod{31}$$

since

$$5^3 = 125 \equiv 1 \pmod{31}$$

Therefore, by Euler's criterion, we know $x^2 \equiv 5 \pmod{31}$ has a solution. We will continue to add multiples of the modulus 31 to 5 until we obtain a square.

$$x^2 \equiv 5 \equiv 36 \equiv 6^2 \pmod{31}$$

and so x = 6 and x = 31 - 6 = 25 are the two solutions of the quadratic congruence $x^2 \equiv 5 \pmod{31}$.

Example 7.1-19

Find all solutions of $x^2 \equiv 13 \pmod{61}$.

Solution:

From Euler's criterion, we have:

$$13^{(61-1)/2} = 13^{30} = (13^3)^{10} \equiv 1 \pmod{61}$$

since

$$13^3 = 2197 \equiv 1 \pmod{61}$$

Therefore, by Euler's criterion (Proposition 7.1-8), we know $x^2 \equiv 13 \pmod{61}$ has a solution. We will continue to add multiples of the modulus 61 to 13 until we obtain a square.

$$x^2 \equiv 13 \equiv 74 \equiv 135 \equiv 3^2 \cdot 15 \pmod{61}$$

Continuing to add 61 to 15:

$$15 \equiv 76 \equiv 2^2 \cdot 19 \pmod{61}$$

Continuing to add 61 to 19:

$$19 \equiv 80 \equiv 2^2 \cdot 20 \pmod{61}$$

Continuing to add 61 to 20:


If a and b are two quadratic residues of an odd prime number p, then $a \cdot b$ is also a quadratic residue of p.

Proof:
From Euler's criterion (Proposition 7.1-8), we have:

$$a^{(p-1)/2} \equiv 1 \pmod{p} \tag{7.1-64}$$

$$b^{(p-1)/2} \equiv 1 \pmod{p} \tag{7.1-65}$$

Therefore we have:

$$(a \cdot b)^{(p-1)/2} \equiv 1 \cdot 1 \equiv 1 \pmod{p} \tag{7.1-66}$$

and so $a \cdot b$ is a quadratic residue of p. ∎

Proposition 7.1-14 (Gauss, 1801, Article 98):

If a and b are two quadratic nonresidues of an odd prime number p, then $a \cdot b$ is a quadratic residue of p.

Proof:
From Proposition 7.1-9, we have:

$$a^{(p-1)/2} \equiv -1 \pmod{p} \tag{7.1-67}$$

$$b^{(p-1)/2} \equiv -1 \pmod{p} \tag{7.1-68}$$

Therefore we have:

$$(a \cdot b)^{(p-1)/2} \equiv (-1) \cdot (-1) \equiv 1 \pmod{p} \tag{7.1-69}$$

and so $a \cdot b$ is a quadratic residue of p. ∎

Proposition 7.1-15 (Gauss, 1801, Article 98):

If a is a quadratic residue and b is a quadratic nonresidue of an odd prime number p, then $a \cdot b$ is a quadratic nonresidue of p.

Proof:
From Proposition 7.1-10, we have:

$$a^{(p-1)/2} \equiv 1 \pmod{p} \tag{7.1-70}$$

$$b^{(p-1)/2} \equiv -1 \pmod{p} \tag{7.1-71}$$

Therefore:

$$(a \cdot b)^{(p-1)/2} \equiv 1 \cdot (-1) \equiv -1 \pmod{p} \tag{7.1-72}$$

and so $a \cdot b$ is a quadratic nonresidue of p. ∎

Example 7.1-20

If p is an odd prime number and q is the smallest positive quadratic nonresidue of p, show that q must be a prime number.

Solution:
We will assume that q is a composite number with a prime factorization of:

$$q = a \cdot b$$

Since q is a quadratic nonresidue of p, we know from Proposition 7.1-15 that either a or b (but not both) must be a quadratic nonresidue of p. However, if this is true then q would not be the smallest positive quadratic nonresidue of p. Therefore, contrary to our original assumption, q must not be a composite number; q must be a prime number.

Proposition 7.1-16:

If p is an odd prime number, then every quadratic nonresidue of p is a primitive root of p if and only if $p = 2^k + 1$.

Proof:
From Proposition 7.1-7 we know that p has exactly (p-1)/2 quadratic residues and exactly (p-1)/2 quadratic nonresidues. From Proposition 7.1-11 we know that any primitive root of p is a quadratic nonresidue of p. From Proposition 6.2-4 we know that p has $\phi(\phi(p)) = \phi(p-1)$ primitive roots. For every quadratic nonresidue of p to be a primitive root of p, we must have:

$$\phi(p-1) = \frac{p-1}{2} \tag{7.1-73}$$

For equation (7.1-73) to be true, we must have:

$$p - 1 = 2^k \tag{7.1-74}$$

as shown in Proposition 3.4-9. Therefore:

$$p = 2^k + 1 \tag{7.1-75}$$
∎

If a is a primitive root of p where p is an odd prime number, then the even powers of a:

$$a^2, a^4, a^6, \ldots, a^{p-1}$$

are congruent to the quadratic residues modulo p, and the odd powers of a:

$$a^1, a^3, a^5, \ldots, a^{p-2}$$

are congruent to the quadratic nonresidues modulo p.


Proof:
We will consider the congruence:

$$x^2 \equiv a^j \pmod{p} \tag{7.1-76}$$

where j is an even number. We then can write $j = 2 \cdot k$. Therefore $a^j = a^{2 \cdot k} = (a^k)^2$, and so:

$$x^2 \equiv (a^k)^2 \equiv a^j \pmod{p} \tag{7.1-77}$$

Therefore $a^j$, where j is an even number, are quadratic residues modulo p.

We know from Proposition 7.1-7 that p has exactly (p-1)/2 quadratic residues modulo p. We also know from Proposition 6.2-3 that there are only p-1 distinct powers of a: $a^1, a^2, a^3, \ldots, a^{p-1}$ modulo p, and so there will be (p-1)/2 incongruent even powers and (p-1)/2 incongruent odd powers of a modulo p. Therefore the quadratic residues modulo p are congruent to the even powers:

$$a^2, a^4, a^6, \ldots, a^{p-1} \tag{7.1-78}$$

and the quadratic nonresidues modulo p are congruent to the odd powers:

$$a^1, a^3, a^5, \ldots, a^{p-2} \tag{7.1-79}$$
∎


7.2 LEGENDRE’S SYMBOL 
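In 1798 Legendre introduced a symbol that has proved to be extremely useful in number theory. His symbol (a/p) for the congruence $x^2 \equiv a \pmod{p}$ is defined by:

$$\left(\frac{a}{p}\right) = \begin{cases} 1 & \text{if } a \text{ is a quadratic residue of } p \text{ and } p \nmid a \\ 0 & \text{if } a \equiv 0 \pmod{p} \text{ and so } p \mid a \\ -1 & \text{if } a \text{ is a quadratic nonresidue of } p \text{ and } p \nmid a \end{cases} \tag{7.2-1}$$

where p is an odd prime number. This can also be written as:

$$\left(\frac{a}{p}\right) = \begin{cases} 1 & \text{if } x^2 \equiv a \pmod{p} \text{ is solvable and } p \nmid a \\ 0 & \text{if } 0 \equiv a \pmod{p} \text{ and so } p \mid a \\ -1 & \text{if } x^2 \equiv a \pmod{p} \text{ is unsolvable and } p \nmid a \end{cases} \tag{7.2-2}$$

Therefore if $p \nmid a$ the Legendre symbol (a/p) indicates if a is a perfect square modulo m.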


If p is an odd prime number and a is a positive integer where $\gcd(a, p) = 1$, then we have:

$$a^{(p-1)/2} \equiv \left(\frac{a}{p}\right) \pmod{p} \tag{7.2-3}$$

or

$$\left(\frac{a}{p}\right) \equiv a^{(p-1)/2} \pmod{p} \tag{7.2-4}$$

Proof:
Follows directly from Proposition 7.1-10 and the definition of the Legendre symbol (a/p) given in equation (7.2-2). ∎

Therefore the Legendre symbol concisely states Proposition 7.1-10, and so indicates whether or not a quadratic congruence has a solution. Equation (7.2-4) includes Euler's criterion.


From equation (7.2-4) we see that: 


| a (7.2-5) 


Zz 


If p is an odd prime number and a and b are any integers where $\gcd(a \cdot b, p) = 1$, then if $a \equiv b \pmod{p}$, we have:

$$\left(\frac{a}{p}\right) = \left(\frac{b}{p}\right)$$

Proof:
If $a \equiv b \pmod{p}$, then $x^2 \equiv a \pmod{p}$ has a solution if and only if $x^2 \equiv b \pmod{p}$ has a solution. Therefore a and b are both either quadratic residues or quadratic nonresidues. Therefore we have:

$$\left(\frac{a}{p}\right) = \left(\frac{b}{p}\right) \tag{7.2-6}$$

If we have $a \equiv b \pmod{p}$ where b < a, then we can use Proposition 7.2-2 to evaluate the simpler Legendre symbol (b/p) rather than (a/p).


Example 7.2-2

Determine $\left(\frac{102}{7}\right)$.

Solution:

We can write:

$$102 \equiv 4 \equiv 2^2 \pmod{7}$$

Therefore 102 is a quadratic residue of 7 and so from Proposition 7.2-2 we have:


Ele 


Using equation (7.2-4) to evaluate (=) 


Example 7.2-3

Determine $\left(\frac{121}{11}\right)$.

Solution:

Not defined since $11 \mid 121$.


Example 7.2-4 


Determine the Legendre symbol (=). 


Solution: 


Not defined since 10 is not an odd prime number. 


Example 7.2-5

Determine $\left(\frac{52}{7}\right)$.

Solution:

We can write:

$$52 \equiv 3 \pmod{7}$$

Therefore using Proposition 7.2-2:


8}8 


From equation (7.2-4) we then have: 


Therefore: 


8) 


and so 52 is a quadratic nonresidue modulo 7. This can be 
seen from Table 7-1 since 6 is not a quadratic residue of 7. 


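Example 7.2-6

For all the squares modulo 11 determine the quadratic residues and quadratic nonresidues.

Solution:

From Example 7.1-3 the squares modulo 11 are:

$1^2 \equiv 1 \pmod{11}$
$2^2 \equiv 4 \pmod{11}$
$3^2 \equiv 9 \pmod{11}$
$4^2 = 16 \equiv 5 \pmod{11}$
$5^2 = 25 \equiv 3 \pmod{11}$
$6^2 = 36 \equiv 3 \pmod{11}$
$7^2 = 49 \equiv 5 \pmod{11}$
$8^2 = 64 \equiv 9 \pmod{11}$
$9^2 = 81 \equiv 4 \pmod{11}$
$10^2 = 100 \equiv 1 \pmod{11}$

We then have:

$$\left(\frac{1}{11}\right) = \left(\frac{3}{11}\right) = \left(\frac{4}{11}\right) = \left(\frac{5}{11}\right) = \left(\frac{9}{11}\right) = 1$$

and 1, 3, 4, 5, and 9 are quadratic residues modulo 11.

Therefore we must have:

$$\left(\frac{2}{11}\right) = \left(\frac{6}{11}\right) = \left(\frac{7}{11}\right) = \left(\frac{8}{11}\right) = \left(\frac{10}{11}\right) = -1$$

and 2, 6, 7, 8, and 10 are quadratic nonresidues modulo 11.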


If p is an odd prime number, then:

$$\sum_{a=1}^{p-1} \left(\frac{a}{p}\right) = 0$$

Proof:
From Proposition 7.1-7 we know that every odd prime number has exactly (p-1)/2 quadratic residues and exactly (p-1)/2 quadratic nonresidues. Therefore in the sum:

$$\sum_{a=1}^{p-1} \left(\frac{a}{p}\right) \tag{7.2-7}$$

half the terms are 1 and the other half -1. ∎


The Legendre symbol has the important property of being multiplicative in the numerator. This property allows many computations involving Legendre symbols to be considerably simplified.

If p is an odd prime number and if a and b are any integers such that $p \nmid a \cdot b$, then:

$$\left(\frac{a}{p}\right) \cdot \left(\frac{b}{p}\right) = \left(\frac{a \cdot b}{p}\right)$$

Proof:
From equation (7.2-4) we have:

$$\left(\frac{a}{p}\right) \cdot \left(\frac{b}{p}\right) \equiv a^{(p-1)/2} \cdot b^{(p-1)/2} = (a \cdot b)^{(p-1)/2} \equiv \left(\frac{a \cdot b}{p}\right) \pmod{p} \tag{7.2-8}$$

Since the Legendre symbols are equal only to +1 or -1 for this congruence, then we must have:

$$\left(\frac{a}{p}\right) \cdot \left(\frac{b}{p}\right) - \left(\frac{a \cdot b}{p}\right) = -2, 0, \text{ or } 2 \tag{7.2-9}$$

Since p is an odd prime (p > 2), p can only divide 0 and so we must have:

$$\left(\frac{a}{p}\right) \cdot \left(\frac{b}{p}\right) = \left(\frac{a \cdot b}{p}\right) \tag{7.2-10}$$

This proposition is important for it tells us the following:

1. The product of two quadratic residues modulo p is a quadratic residue modulo p.

2. The product of two quadratic nonresidues modulo p is a quadratic residue modulo p.

3. The product of a quadratic residue modulo p and a quadratic nonresidue modulo p is a quadratic nonresidue modulo p.

Using Proposition 7.2-4, we see it is simple to prove Propositions 7.1-13, 7.1-14, and 7.1-15.


Therefore: 


ee tar \ 
- = |= <\(4 Sel 
P \P P) 


and so ab is also a quadratic residue of p. 


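If p is an odd prime number and $\gcd(a, p) = 1$ then:

$$\left(\frac{a^2}{p}\right) = 1$$

Proof:
From Proposition 7.2-4 we have:

$$\left(\frac{a^2}{p}\right) = \left(\frac{a}{p}\right) \cdot \left(\frac{a}{p}\right) = \left(\frac{a}{p}\right)^2 \tag{7.2-11}$$

Since

$$\left(\frac{a}{p}\right) = \pm 1 \tag{7.2-12}$$

we get

$$\left(\frac{a^2}{p}\right) = 1 \tag{7.2-13}$$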


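Example 7.2-8

Is $x^2 \equiv 970 \pmod{31}$ solvable?

Solution:

We can write:

$$970 \equiv 9 \pmod{31}$$

Therefore using Propositions 7.2-2 and 7.2-5:

$$\left(\frac{970}{31}\right) = \left(\frac{9}{31}\right) = \left(\frac{3^2}{31}\right) = 1$$

and so $x^2 \equiv 970 \pmod{31}$ is solvable.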


Example 7.2-9 


Determine (=) : 


Solution: 
$$900 = 25 \cdot 36 = 5^2 \cdot 6^2$$
From Proposition 7.2-4 we have: 
Cra}, 
a i i 
From Proposition 7.2-5 we have: 


[e etea= 
7 


Example 7.2-10 
Show that: 


AS)-(5) 


where p is an odd prime number and gcd (a, p)=1. 


Solution: 
From Proposition 7.2-4 we have: 
eee ele aL(e 

we FAG aay 


From Proposition 7.2-5 we have: 
SRC 


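Example 7.2-11

Determine $\left(\frac{469}{31}\right)$.

Solution:

We can write:

$$469 \equiv 4 \pmod{31}$$

Using Proposition 7.2-2, we then have:

$$\left(\frac{469}{31}\right) = \left(\frac{4}{31}\right)$$

Therefore, from Proposition 7.2-5:

$$\left(\frac{469}{31}\right) = \left(\frac{2^2}{31}\right) = 1$$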


If p is an odd prime number and q is a prime number where 


p#q, then: 


Proof: 


Follows from Proposition 7.2-4. m 


Example 7.2-12 


37: 
Determine [ ~- 


Solution: 
(32). ue 
nis ais 


From Propositions 7.2-4 and 7.2-5, we have: 


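In the following proposition we see that -1 is a quadratic residue modulo p if and only if $p \equiv 1 \pmod{4}$.

If p is a prime number, then:

$$\left(\frac{-1}{p}\right) = \begin{cases} 1 & \text{if } p \equiv 1 \pmod{4} \\ -1 & \text{if } p \equiv 3 \pmod{4} \end{cases}$$

Proof:

From equation (7.2-4) we have:

$$\left(\frac{-1}{p}\right) \equiv (-1)^{(p-1)/2} \pmod{p} \tag{7.2-14}$$

If (p-1)/2 is even, we have:

$$\left(\frac{-1}{p}\right) = 1 \tag{7.2-15}$$

and

$$\frac{p-1}{2} = k \cdot 2 \quad \text{or} \quad p = k \cdot 4 + 1 \tag{7.2-16}$$

Therefore -1 is a quadratic residue of p if and only if:

$$p \equiv 1 \pmod{4} \tag{7.2-17}$$

If (p-1)/2 is odd, we have:

$$\left(\frac{-1}{p}\right) = -1 \tag{7.2-18}$$

and

$$\frac{p-1}{2} = k \cdot 2 + 1 \quad \text{or} \quad p = k \cdot 4 + 3 \tag{7.2-19}$$

Therefore -1 is a quadratic nonresidue of p if and only if:

$$p \equiv 3 \pmod{4} \tag{7.2-20}$$

From Proposition 7.2-7, we see that if $p \equiv 1 \pmod{4}$, then it is possible to find the square root of -1 modulo p.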


Example 7.2-13

Are the following congruences solvable?

$$x^2 \equiv 18 \pmod{19} \equiv -1 \pmod{19}$$

$$x^2 \equiv 28 \pmod{29} \equiv -1 \pmod{29}$$

Solution:
We can write:

$$19 \equiv 3 \pmod{4}$$

Using Proposition 7.2-7, we have:

$$\left(\frac{-1}{19}\right) = -1$$

and so the congruence $x^2 \equiv 18 \pmod{19}$ is not solvable.

We can write:

$$29 \equiv 1 \pmod{4}$$

Using Proposition 7.2-7, we have:

$$\left(\frac{-1}{29}\right) = 1$$

and so the congruence $x^2 \equiv 28 \pmod{29}$ is solvable.


Example 7.2-14 


Determine (=) 
59 


Solution: 


From Proposition 7.2-4, we have: 
(=!6).(!8)(21)-(£).(2) 
59) \59) 59) (59) (59) 
From Proposition 7.2-5, we have: 
= aA = 
Percy 
59 59) \ 59 
We can write: 


59 = 3(mod4) 


and so from Proposition 7.2-7, we have: 
3) 
59} \ 59) — 


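Example 7.2-15

Show that all prime divisors of $x^2 + 1$ are of the form $4 \cdot k + 1$.

Solution:

We can use Proposition 7.2-7 to write:

$$\left(\frac{-1}{p}\right) = 1 \quad \text{if } p \equiv 1 \pmod{4}$$

Therefore:

$$x^2 \equiv -1 \pmod{p} \quad \text{if } p - 1 = 4 \cdot k$$

or

$$x^2 + 1 \equiv 0 \pmod{p} \quad \text{if } p = 4 \cdot k + 1$$

so that if $p \mid x^2 + 1$ then $p = 4 \cdot k + 1$.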


Example 7.2-16

Show that there are infinitely many prime numbers that are congruent to 1 modulo 4.

Solution:

We will consider the product of all prime numbers $p_i$ that are congruent to 1 modulo 4:

$$a = p_1 \cdot p_2 \cdot p_3 \cdots p_n$$

where

$$p_i \equiv 1 \pmod{4}$$

Therefore each prime number $p_i$ has the form:

$$p_i = 4 \cdot j + 1$$

where j is some integer. We can define a new integer b:

$$b = (2 \cdot a)^2 + 1$$

From Proposition 1.4-1 we know that b has a prime factorization:

$$b = \prod q_i$$

so that:

$$b \equiv 0 \pmod{q_i}$$

The $q_i$ prime factors of b are different from the $p_i$ prime factors of a since $p_i \nmid b$ because $p_i \nmid 1$. We have:

$$(2 \cdot a)^2 + 1 \equiv 0 \pmod{q_i}$$

or

$$(2 \cdot a)^2 \equiv -1 \pmod{q_i}$$

and so -1 is a quadratic residue modulo $q_i$ and we have:

$$\left(\frac{-1}{q_i}\right) = 1$$

From Proposition 7.2-7 we then have:

$$q_i \equiv 1 \pmod{4}$$

and so it will always be possible to find one more prime number that is congruent to 1 modulo 4 than is in the product a. Therefore an infinite number of prime numbers exist that are congruent to 1 modulo 4.


If a is a quadratic residue of an odd prime number p, then -a is also a quadratic residue of p if and only if $p \equiv 1 \pmod{4}$.

Proof:
If a is a quadratic residue of p, using Proposition 7.2-4 we can write:


SMEHe(2) can 


By Proposition 7.2-7 we then have $p \equiv 1 \pmod{4}$.

Conversely, if we have $p \equiv 1 \pmod{4}$, then by Proposition 7.2-7 we have:


2 25 (7.2-22) 
Therefore: 


e-h-les) oe 


Therefore -a is a quadratic residue of p if and only if $p \equiv 1 \pmod{4}$. ∎


If p is an odd prime number, then: 


(=) a (ie? 


Proof: 


From equation (7.2-4) we have: 


or 

( 

[= }-(-1)""* =0(modp 
Since 

(2 

ae 
we have: 


+1—(-1)””” =0(mod p) 


(7.2-24) 


(7.2-25) 


(7.2-26) 


(7.2-27) 


(7.2-28) 


the left side of this equation is -2, 0, or 2. But -2 and +2 are not 
possible if p is an odd prime number since we then have p>2. 


Therefore in equation (7.2-25) we must have: 


(7.2-29) 


p#q, then: 


d |= if k is even 
P 


x 
= (+ if k is odd 
P 


Proof: 
If k is even, then by Propositions 7.2-5 and 7.2-4: 


eHeHe)-" 


If k is odd, then by Proposition 7.2-4 and equation 
(7.2-30): 


(7.2-30) 


(Zee: ye 4 72-31) 
.P | Urey ewe 8, P, Pp 


7.3 GAUSS’ LEMMA 
An important proposition developed by Gauss (1801) is known as Gauss' Lemma. It will be used in the next Section to prove the quadratic reciprocity law.

If we have the following:

• p is an odd prime number

• $\gcd(a, p) = 1$

• the set G consisting of the integers:

$$G = \left\{1 \cdot a,\ 2 \cdot a,\ 3 \cdot a,\ \ldots,\ \left(\frac{p-1}{2}\right) \cdot a\right\} \tag{7.3-1}$$

• n is the number of the least residues of these integers modulo p that are greater than p/2

then a is a quadratic residue or a quadratic nonresidue of p depending on whether n is even or odd, respectively; that is:


Proof:

Given that $\gcd(a, p) = 1$, we know that the integers in the set G are incongruent modulo p. If $r_1, r_2, r_3, \ldots, r_m$ are the least residues modulo p of the integers in the set G with $0 < r_i < p/2$, and if $s_1, s_2, s_3, \ldots, s_n$ are the least residues modulo p of the integers in G with $p/2 < s_j < p$, we then have:

$$m + n = \frac{p-1}{2} \tag{7.3-2}$$

No two of the $r_i$ are congruent modulo p. To show this, we assume the opposite. For some $k_1$ and some other $k_2$ we would then have:

$$k_1 \cdot a \equiv k_2 \cdot a \pmod{p} \tag{7.3-3}$$

or

$$(k_1 - k_2) \cdot a \equiv 0 \pmod{p} \tag{7.3-4}$$

where $0 < k_1 \le (p-1)/2$ and $0 < k_2 \le (p-1)/2$. Since we are given $\gcd(a, p) = 1$, we must then have $k_1 = k_2$ contrary to our assumption that $k_1$ and $k_2$ are different. Using a similar argument, it can be shown that no two of the $s_j$ are congruent modulo p.

We will let S be the set:

$$S = \{r_1, r_2, r_3, \ldots, r_m,\ p - s_1,\ p - s_2,\ p - s_3,\ \ldots,\ p - s_n\} \tag{7.3-5}$$

We know that all integers in the set S are positive integers < p/2, and that there are (p-1)/2 integers in this set. We now wish to show that no two of the integers in the set S are congruent modulo p. We already know this to be true for all $r_i$ and, separately, for all $s_j$. Therefore it is true for all $p - s_j$. To show that it is also true that no $r_i$ is congruent modulo p to any $p - s_j$, we assume the opposite for some i and j:

$$r_i \equiv p - s_j \pmod{p} \tag{7.3-6}$$

We then have:

$$r_i + s_j \equiv 0 \pmod{p} \tag{7.3-7}$$

Since the $r_i$ and $s_j$ are least positive residues of the integers in the set G, we know that for some integers u and v, we have:

$$r_i \equiv u \cdot a \pmod{p} \tag{7.3-8}$$

$$s_j \equiv v \cdot a \pmod{p} \tag{7.3-9}$$

where $1 \le u \le (p-1)/2$ and $1 \le v \le (p-1)/2$. Equation (7.3-7) then becomes:

$$(u + v) \cdot a \equiv r_i + s_j \equiv 0 \pmod{p} \tag{7.3-10}$$

Since $\gcd(a, p) = 1$, we must have:

$$u + v \equiv 0 \pmod{p} \tag{7.3-11}$$

and $p \mid (u + v)$. But this is impossible since $2 \le u + v \le p - 1$. Therefore all the integers in the set S are incongruent to each other modulo p and so are distinct. Since there are (p-1)/2 elements in S and since they are all < p/2, the elements of S must be equal in some order to the integers:

$$1, 2, 3, \ldots, \frac{p-1}{2} \tag{7.3-12}$$

Therefore the product of the elements of the set S is equal to $[(p-1)/2]!$ and so we have:

$$\left[\frac{p-1}{2}\right]! = r_1 \cdot r_2 \cdots r_m \cdot (p - s_1) \cdot (p - s_2) \cdots (p - s_n) \tag{7.3-13}$$

Therefore:

$$\left[\frac{p-1}{2}\right]! \equiv r_1 \cdot r_2 \cdots r_m \cdot (-s_1) \cdot (-s_2) \cdots (-s_n) \pmod{p} \tag{7.3-14}$$

$$\left[\frac{p-1}{2}\right]! \equiv (-1)^n \cdot r_1 \cdot r_2 \cdots r_m \cdot s_1 \cdot s_2 \cdots s_n \pmod{p} \tag{7.3-15}$$

Since $r_1, r_2, \ldots, r_m, s_1, s_2, s_3, \ldots, s_n$ are all congruent to the elements of G in some order, we can rewrite equation (7.3-15) as:

$$\left[\frac{p-1}{2}\right]! \equiv (-1)^n \cdot a \cdot (2 \cdot a) \cdot (3 \cdot a) \cdots \left(\frac{p-1}{2}\right) \cdot a \pmod{p} \tag{7.3-16}$$

or

$$\left[\frac{p-1}{2}\right]! \equiv (-1)^n \cdot a^{(p-1)/2} \cdot \left[\frac{p-1}{2}\right]! \pmod{p} \tag{7.3-17}$$

Since $[(p-1)/2]!$ is relatively prime to p, we can cancel terms in equation (7.3-17) to obtain:

$$1 \equiv (-1)^n \cdot a^{(p-1)/2} \pmod{p} \tag{7.3-18}$$

Multiplying by $(-1)^n$:

$$(-1)^n \equiv a^{(p-1)/2} \pmod{p} \tag{7.3-19}$$

From equation (7.2-4), we then have:

$$\left(\frac{a}{p}\right) = (-1)^n \tag{7.3-20}$$
∎

sper 


and so 8 is a quadratic nonresidue modulo 13. This result can be checked using Euler's criterion (Proposition 7.1-8). If 8 is a quadratic nonresidue of 13, we must have:

$$8^{(13-1)/2} = 8^6 \equiv -1 \pmod{13}$$

We see that:

$$8^2 = 64 \equiv -1 \pmod{13}$$
$$(8^2)^3 = 8^6 \equiv (-1)^3 \equiv -1 \pmod{13}$$

and so from Proposition 7.1-8 we see that the above result is correct.


Example 7.3-2 


Determine $\left(\frac{2}{13}\right)$ using Gauss' lemma.

Solution:

We are given p=13, (p-1)/2=6, and a=2. Let G be the set:

$G = \{1 \cdot 2,\ 2 \cdot 2,\ 3 \cdot 2,\ 4 \cdot 2,\ 5 \cdot 2,\ 6 \cdot 2\}$

The least residues modulo 13 of the integers in G are: 2, 4, 6,
8, 10, 12. Note that each of these residues is less than p=13
and so the least residues modulo 13 equal the elements of the
set G. We have n=3 since three of these residues are greater
than p/2=6.5. Therefore:


and so 2 is a quadratic nonresidue modulo 13. 


Example 7.3-3 


Determine if $x^2 \equiv 9 \pmod{13}$ has a solution using Gauss'
lemma.

Solution:

We are given p=13, (p-1)/2=6, and a=9. Let G be the set:

$G = \{1 \cdot 9,\ 2 \cdot 9,\ 3 \cdot 9,\ 4 \cdot 9,\ 5 \cdot 9,\ 6 \cdot 9\}$

The least residues modulo 13 of the integers in G are: 9, 5, 1,
10, 6, 2. We have n=2 since two of these residues are greater
than p/2=6.5. Therefore:


and so 9 is a quadratic residue modulo 13. This can be 
verified: 


* = 3(mod 13) 


9* = 81? =3° (mod 13) 


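Gauss' lemma can be used to determine which primes
have 2 as a quadratic residue.

If p is an odd prime number, then:

$\left(\frac{2}{p}\right) = 1$ if $p \equiv 1 \pmod{8}$ or $p \equiv 7 \pmod{8}$

$\left(\frac{2}{p}\right) = -1$ if $p \equiv 3 \pmod{8}$ or $p \equiv 5 \pmod{8}$

or

$\left(\frac{2}{p}\right) = 1$ if $p \equiv \pm 1 \pmod{8}$

$\left(\frac{2}{p}\right) = -1$ if $p \equiv \pm 3 \pmod{8}$
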
Proof: 


From Gauss' lemma (Proposition 7.3-1), we have:

$\left(\frac{2}{p}\right) = (-1)^n$  (7.3-21)

where n is the number of least residues modulo p of integers
in the set:

$G = \{1 \cdot 2,\ 2 \cdot 2,\ 3 \cdot 2,\ \ldots,\ \frac{p-1}{2} \cdot 2\}$  (7.3-22)

that are greater than p/2.

All (p—1)/2 of the integers in the set G are greater than 1 
and less than p (since the largest integer in G is p-1). 
Therefore the least residues modulo p of integers in the set G 
are exactly equal to the integers in the set (see Example 7.3-2). 
To find the number n of least residues greater than p/2, we can 
then simply count the number of elements in the set G that are 
greater than p/2. 

If we represent any element in G by $2 \cdot k$, where
$1 \le k \le (p-1)/2$, then we will have $2 \cdot k < p/2$ if and only if
$k < p/4$. Therefore the number of elements n in G that are
greater than p/2 is given by the total number of elements in G
minus the greatest integer function $\lfloor\ \rfloor$ of p/4 (see Section 2.2):

$n = \frac{p-1}{2} - \left\lfloor \frac{p}{4} \right\rfloor$  (7.3-23)

For $k < p/4$, we have $4 \cdot k < p$. Since p is an odd prime
number, this leads us to consider $p = 2 \cdot (4 \cdot k) + r$ where r is an
odd number modulo 8. Therefore we will consider the
following cases:


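Case 1:  $p \equiv 1 \pmod{8}$,  $p = 8 \cdot k + 1$
Case 2:  $p \equiv 3 \pmod{8}$,  $p = 8 \cdot k + 3$
Case 3:  $p \equiv 5 \pmod{8}$,  $p = 8 \cdot k + 5$
Case 4:  $p \equiv 7 \pmod{8}$,  $p = 8 \cdot k + 7$

Case 1: If $p = 8 \cdot k + 1$, we have:

$n = \frac{8 \cdot k + 1 - 1}{2} - \left\lfloor \frac{8 \cdot k + 1}{4} \right\rfloor$  (7.3-24)

and so:

$n = 4 \cdot k - \left\lfloor 2 \cdot k + \frac{1}{4} \right\rfloor = 4 \cdot k - 2 \cdot k = 2 \cdot k$  (7.3-25)

Case 2: If $p = 8 \cdot k + 3$, we have:

$n = \frac{8 \cdot k + 3 - 1}{2} - \left\lfloor \frac{8 \cdot k + 3}{4} \right\rfloor$  (7.3-26)

and so:

$n = 4 \cdot k + 1 - \left\lfloor 2 \cdot k + \frac{3}{4} \right\rfloor = 4 \cdot k + 1 - 2 \cdot k = 2 \cdot k + 1$  (7.3-27)

Case 3: If $p = 8 \cdot k + 5$, we have:

$n = \frac{8 \cdot k + 5 - 1}{2} - \left\lfloor \frac{8 \cdot k + 5}{4} \right\rfloor$  (7.3-28)

and so:

$n = 4 \cdot k + 2 - \left\lfloor 2 \cdot k + 1 + \frac{1}{4} \right\rfloor = 4 \cdot k + 2 - (2 \cdot k + 1)$  (7.3-29)

or

$n = 2 \cdot k + 1$  (7.3-30)

Case 4: If $p = 8 \cdot k + 7$, we have:

$n = \frac{8 \cdot k + 7 - 1}{2} - \left\lfloor \frac{8 \cdot k + 7}{4} \right\rfloor$  (7.3-31)

and so:

$n = 4 \cdot k + 3 - \left\lfloor 2 \cdot k + 1 + \frac{3}{4} \right\rfloor = 4 \cdot k + 3 - (2 \cdot k + 1)$  (7.3-32)

or

$n = 2 \cdot k + 2$  (7.3-33)

Therefore n is even if $p = 8 \cdot k + 1$ or $p = 8 \cdot k + 7$, and n is
odd if $p = 8 \cdot k + 3$ or $p = 8 \cdot k + 5$. From equation (7.3-21) we
then have:

$\left(\frac{2}{p}\right) = 1$ if $p \equiv 1 \pmod{8}$ or $p \equiv 7 \pmod{8}$  (7.3-34)

$\left(\frac{2}{p}\right) = -1$ if $p \equiv 3 \pmod{8}$ or $p \equiv 5 \pmod{8}$  (7.3-35)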


Note that these equations can also be written as:

$\left(\frac{2}{p}\right) = 1$ if $p \equiv \pm 1 \pmod{8}$  (7.3-36)

$\left(\frac{2}{p}\right) = -1$ if $p \equiv \pm 3 \pmod{8}$  (7.3-37)

We can conclude that 2 will be a quadratic residue of an odd
prime p if p satisfies $p \equiv 1 \pmod{8}$ or $p \equiv 7 \pmod{8}$. ■
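The following is an added example, not code from the book: it computes the count n of Gauss' lemma directly and cross-checks (-1)^n against Euler's criterion, the closed form n = (p-1)/2 - floor(p/4) of equation (7.3-23), and the p mod 8 rule for (2/p). All function names are chosen here for illustration.

```python
def gauss_n(a, p):
    """n from Gauss' lemma: how many least residues of k*a, 1 <= k <= (p-1)/2,
    modulo the odd prime p are greater than p/2."""
    half = (p - 1) // 2
    # a residue is an integer and p is odd, so "> p/2" is the same as "> (p-1)/2"
    return sum(1 for k in range(1, half + 1) if (k * a) % p > half)


def legendre_gauss(a, p):
    """(a/p) = (-1)^n, valid when gcd(a, p) = 1."""
    return -1 if gauss_n(a, p) % 2 else 1


def legendre_euler(a, p):
    """(a/p) from Euler's criterion: a^((p-1)/2) mod p is 1 or p-1."""
    r = pow(a, (p - 1) // 2, p)
    return -1 if r == p - 1 else r


def two_rule(p):
    """(2/p) read off p mod 8, as in equations (7.3-34) and (7.3-35)."""
    return 1 if p % 8 in (1, 7) else -1


def odd_primes(limit):
    """Odd primes below limit by trial division (enough for a demonstration)."""
    return [n for n in range(3, limit, 2)
            if all(n % d for d in range(3, int(n ** 0.5) + 1, 2))]


def cross_check(limit):
    """Return every disagreement found; an empty list means all views agree."""
    bad = []
    for p in odd_primes(limit):
        if gauss_n(2, p) != (p - 1) // 2 - p // 4:      # equation (7.3-23)
            bad.append(("count", p))
        if legendre_gauss(2, p) != two_rule(p):
            bad.append(("rule", p))
        for a in range(1, p):
            if legendre_gauss(a, p) != legendre_euler(a, p):
                bad.append(("euler", a, p))
    return bad


if __name__ == "__main__":
    # the three worked values for p = 13: a = 8, 2 and 9
    for a in (8, 2, 9):
        print(a, gauss_n(a, 13), legendre_gauss(a, 13), legendre_euler(a, 13))
    print("disagreements for primes below 200:", cross_check(200))
```
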


The evaluation of a Legendre symbol (a/p) where p is an 
odd prime number, and a is an integer having the prime 


factorization: 
a= 2 gh egy egy erred,’ (7.3-38) 


can be accomplished by evaluating some or all of the following
Legendre symbols:

$\left(\frac{-1}{p}\right)$ as given in Proposition 7.2-7  (7.3-39)

$\left(\frac{2}{p}\right)$ as given in Proposition 7.3-2  (7.3-40)

$\left(\frac{q}{p}\right)$ where q is an odd prime  (7.3-41)
P 


From Propositions 7.2-4 and 7.2-6, and from equation (7.3-38) 


we then have: 


(7.3-42) 


Example 7.3-4 


Determine Fa 
109 


Solution: 
Using Proposition 7.2-4, we have: 
( 50 )-(72)-(2 1-5 (=. 
109) i109 ) | 109 | \109) (109, 
From Proposition 7.2-5, we have: 
oper 
\ 09 L109) | [09 ) 


We can write: 
109 = 5(mod8) 


From Proposition 7.3-2, we then have: 


(is)=(its) = 


Example 7.3-5 


Find the number of solutions for $x^2 \equiv 19 \pmod{255}$.

Solution:
The prime factorization of 255 is $255 = 3 \cdot 5 \cdot 17$. The quadratic
congruence:

$x^2 \equiv 19 \pmod{255}$

is equivalent to $255 \mid (x^2 - 19)$, and so if b is a solution of
$x^2 \equiv 19 \pmod{255}$, we must have:

$255 \mid (b^2 - 19)$

or

$3 \cdot 5 \cdot 17 \mid (b^2 - 19)$

and so we must have:

$x^2 \equiv 19 \pmod{3}$

$x^2 \equiv 19 \pmod{5}$

$x^2 \equiv 19 \pmod{17}$

Therefore if b is a solution of $x^2 \equiv 19 \pmod{255}$, then b must
also be a solution of each of the above simultaneous equations.

From Proposition 7.1-5 we see that $x^2 \equiv 19 \equiv 1 \pmod{3}$ has
two solutions.

Since $19 \equiv 4 \pmod{5}$, using Propositions 7.2-2 and 7.2-5 we
have:


2}(3-(5)+ 


From Proposition 7.1-6 we see that $x^2 \equiv 19 \equiv 4 \pmod{5}$ has two
solutions.

Since $19 \equiv 2 \pmod{17}$, using Propositions 7.2-2 and 7.3-2,
we have:


Gia) 


since $17 \equiv 1 \pmod{8}$. From Proposition 7.1-6 we see that
$x^2 \equiv 19 \equiv 2 \pmod{17}$ has two solutions.

Therefore the number of solutions for $x^2 \equiv 19 \pmod{255}$ is
$2 \cdot 2 \cdot 2 = 8$.


Proposition 7.3-2 can be presented in a more concise form: 


If p is an odd prime number, then: 


Proof: 


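From Proposition 7.3-2 we have (2/p) = 1 if $p = 8 \cdot k \pm 1$. We
can write:

$\frac{p^2 - 1}{8} = \frac{(8 \cdot k \pm 1)^2 - 1}{8} = \frac{64 \cdot k^2 \pm 16 \cdot k}{8}$  (7.3-43)

or

$\frac{p^2 - 1}{8} = 8 \cdot k^2 \pm 2 \cdot k$  (7.3-44)

which is an even integer.
Also from Proposition 7.3-2 we have (2/p) = -1 if
$p = 8 \cdot k \pm 3$. We can write:

$\frac{p^2 - 1}{8} = \frac{(8 \cdot k \pm 3)^2 - 1}{8} = \frac{64 \cdot k^2 \pm 48 \cdot k + 8}{8}$  (7.3-45)

or

$\frac{p^2 - 1}{8} = 8 \cdot k^2 \pm 6 \cdot k + 1$  (7.3-46)

which is an odd integer.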
If we now consider the equation: 
(2a (73-47) 


we see that the ± sign in this equation depends on whether
$(p^2 - 1)/8$ is even (+ sign) or odd (- sign). But the conditions
for $(p^2 - 1)/8$ being even or odd are the same as the conditions
for (2/p) = ±1 in Proposition 7.3-2. Therefore we can write:

$\left(\frac{2}{p}\right) = (-1)^{(p^2 - 1)/8}$  (7.3-48)


If q is a prime factor of a Mersenne number $M_p = 2^p - 1$ where p
is an odd prime number, then $q \equiv 1 \pmod{p}$ and $q \equiv \pm 1 \pmod{8}$.

Proof:
Since q is a prime factor of $2^p - 1$, we can write:

$2^p - 1 \equiv 0 \pmod{q}$  (7.3-49)

or

$2^p \equiv 1 \pmod{q}$  (7.3-50)

From Proposition 6.1-7 we also have $q = 2 \cdot k \cdot p + 1$ for some
positive integer k. Therefore:

$q - 1 = 2 \cdot k \cdot p$  (7.3-51)


(7.3-52) 


Raising equation (7.3-50) to the k power:

$2^{k \cdot p} \equiv 1 \pmod{q}$  (7.3-53)

and using equation (7.3-51):

$2^{(q-1)/2} \equiv 1 \pmod{q}$  (7.3-54)

Then from Euler's criterion (Proposition 7.1-8) we know that 2
is a quadratic residue of q. Therefore we have:

$\left(\frac{2}{q}\right) \equiv 1 \pmod{q}$  (7.3-55)

and from Proposition 7.3-2 we can conclude that:

$q \equiv \pm 1 \pmod{8}$  (7.3-56)


If p and $4 \cdot p + 1$ are both odd prime numbers, then 2 is a
primitive root of $4 \cdot p + 1$.

Proof:

Let $q = 4 \cdot p + 1$. We then have $\phi(q) = 4 \cdot p$. To determine if 2
is a primitive root of q, we note first that 2 can have an order of
1, 2, 4, p, $2 \cdot p$, or $4 \cdot p$ modulo q since we must have
$\mathrm{ord}_q(2) \mid \phi(q)$ (see Proposition 6.1-4). We will check each of these
possibilities. Only if $\mathrm{ord}_q(2) = 4 \cdot p$ will 2 be a primitive root of
$4 \cdot p + 1$.

Since q is an odd prime number, we can write using
equation (7.2-3):

$2^{(q-1)/2} \equiv \left(\frac{2}{q}\right) \pmod{q}$  (7.3-57)

Using $q = 4 \cdot p + 1$, we get:

$2^{2 \cdot p} \equiv \left(\frac{2}{q}\right) \pmod{q}$  (7.3-58)

From Proposition 7.3-3, we have:

$\left(\frac{2}{q}\right) = (-1)^{(q^2 - 1)/8} = (-1)^{((4 \cdot p + 1)^2 - 1)/8}$  (7.3-59)

and so:

$\left(\frac{2}{q}\right) = (-1)^{(16 \cdot p^2 + 8 \cdot p)/8} = (-1)^{2 \cdot p^2 + p} = -1$  (7.3-60)

since p is odd. Therefore equation (7.3-58) becomes:

$2^{2 \cdot p} \equiv -1 \pmod{q}$  (7.3-61)

and so the order of 2 is not $2 \cdot p$, nor is the order any of the
divisors of $2 \cdot p$: 1, 2, or p. To determine if 2 has an order of 4,
we note that:

$2^4 \equiv 1 \pmod{q}$  (7.3-62)

means that $q \mid 15$, and so q must equal 3 or 5. This is not
possible, however, since $q = 4 \cdot p + 1$ and so p would have to be
1. Therefore we are left with $\mathrm{ord}_q(2) = 4 \cdot p$, and so 2 is a
primitive root of $4 \cdot p + 1$. ■


If p and $2 \cdot p + 1$ are both odd prime numbers, then:

$a = 2 \cdot (-1)^{(p-1)/2}$  (7.3-63)

is a primitive root of $2 \cdot p + 1$.

Proof:
We have gcd(a,p)=1 since a is even and p is an odd
prime number. We will let $q = 2 \cdot p + 1$. Both p and q are then
odd prime numbers. We also have:

$\phi(q) = q - 1 = 2 \cdot p$  (7.3-64)

Therefore we wish to show that:

$\mathrm{ord}_q(a) = 2 \cdot p$  (7.3-65)

Since (p-1)/2 in equation (7.3-63) is an exponent of -1, the
only property of this exponent that is relevant is whether it is
an even number or an odd number.


If (p-1)/2 is an even number, we have:

$a = 2$  (7.3-66)

and

$\frac{p-1}{2} = k \cdot 2$  (7.3-67)

or

$p = k \cdot 4 + 1$  (7.3-68)

Therefore:

$q = 2 \cdot p + 1 = k \cdot 8 + 3$  (7.3-69)

and so:

$q \equiv 3 \pmod{8}$  (7.3-70)

From Proposition 7.3-2 we then have:

(7.3-71)

From equation (7.2-4) we have:

$\left(\frac{2}{q}\right) = -1 \equiv 2^{(q-1)/2} \pmod{q}$  (7.3-72)

or since $q = 2 \cdot p + 1$:

$\left(\frac{2}{q}\right) \equiv 2^p \equiv -1 \pmod{q}$  (7.3-73)

Using equation (7.3-66), we can write:

Je Ie
(ee es  (7.3-74)

and from equation (7.3-73):

$a^{2 \cdot p} = 2^{2 \cdot p} = (2^p)^2 \equiv (-1)^2 = 1 \pmod{q}$  (7.3-75)


Since $\mathrm{ord}_q(a) \mid 2 \cdot p$ (see Proposition 6.1-4), we must have
$\mathrm{ord}_q(a) = 1, 2, p,$ or $2 \cdot p$.

If $\mathrm{ord}_q(a) = 1$, we have:

$a = 2 \equiv 1 \pmod{q}$  (7.3-76)

which is not possible.
If $\mathrm{ord}_q(a) = 2$, we have:

$a^2 = 2^2 = 4 \equiv 1 \pmod{q}$  (7.3-77)

and so we must have q=3. Since $q = 2 \cdot p + 1$, this means that
p=1 which is not possible.

If $\mathrm{ord}_q(a) = p$, we have:

$a^p = 2^p \equiv 1 \pmod{q}$  (7.3-78)

But this is contrary to equation (7.3-73) and so is impossible.
Therefore $\mathrm{ord}_q(a) = 2 \cdot p$ and so a is a primitive root
modulo $2 \cdot p + 1$.


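If (p-1)/2 is an odd number, we have:

$a = -2$  (7.3-79)

and

$\frac{p-1}{2} = k \cdot 2 + 1$  (7.3-80)

or

$p = k \cdot 4 + 3$  (7.3-81)

Therefore:

$q = 2 \cdot p + 1 = k \cdot 8 + 7$  (7.3-82)

and so:

$q \equiv 7 \pmod{8}$  (7.3-83)

From Proposition 7.3-2 we then have:

$\left(\frac{2}{q}\right) = 1$  (7.3-84)

From equation (7.2-4) we have:

$\left(\frac{2}{q}\right) = 1 \equiv 2^{(q-1)/2} \pmod{q}$  (7.3-85)

or since $q = 2 \cdot p + 1$:

$\left(\frac{2}{q}\right) \equiv 2^p \equiv 1 \pmod{q}$  (7.3-86)

Using equation (7.3-79) we can write:

$a^{2 \cdot p} = (-2)^{2 \cdot p} \equiv 1 \pmod{q}$  (7.3-87)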


As in the above discussions, we can find $\mathrm{ord}_q(a) \ne 1$ and
$\mathrm{ord}_q(a) \ne 2$. If $\mathrm{ord}_q(a) = p$, we have:

$a^p = (-2)^p \equiv 1 \pmod{q}$  (7.3-88)

Since p is odd, we have:

$a^p = -2^p \equiv 1 \pmod{q}$  (7.3-89)

or

$2^p \equiv -1 \pmod{q}$  (7.3-90)

This contradicts equation (7.3-86) and so is impossible.
Therefore $\mathrm{ord}_q(a) = 2 \cdot p$, and so a is a primitive root modulo
$2 \cdot p + 1$. ■


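Example 7.3-6
Verify Proposition 7.3-6 for p=3.
Solution:
We have:

$p = 3 \qquad q = 2 \cdot p + 1 = 2 \cdot 3 + 1 = 7 \qquad \phi(7) = 2 \cdot p = 2 \cdot 3 = 6$

and

$a = 2 \cdot (-1)^{(p-1)/2} = 2 \cdot (-1)^{(3-1)/2} = 2 \cdot (-1) = -2$

If $\mathrm{ord}_q(a) = 1$, we have $-2 \not\equiv 1 \pmod{7}$.

If $\mathrm{ord}_q(a) = 2$, we have $(-2)^2 = 4 \not\equiv 1 \pmod{7}$.

If $\mathrm{ord}_q(a) = p = 3$, we have $(-2)^3 = -8 \not\equiv 1 \pmod{7}$.

If $\mathrm{ord}_q(a) = 2 \cdot p = 6$, we have $(-2)^6 = 64 \equiv 1 \pmod{7}$.

Therefore

$a = 2 \cdot (-1)^{(p-1)/2} = -2$

is a primitive root of $2 \cdot p + 1 = 2 \cdot 3 + 1 = 7$. Note that -2 is
equivalent to 5 modulo 7: $5 \equiv -2 \pmod{7}$, and that 5 is a
primitive root of 7 as given in Table 6-2.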
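The three results on Mersenne factors and primitive roots above can be checked numerically. The block below is an added example, not code from the book: it computes multiplicative orders and tests the statements for small primes, including the p = 3, q = 7 case of Example 7.3-6. Function names are illustrative, and trial division is assumed to be acceptable because the inputs are small.

```python
def prime_factors(n):
    """Distinct prime factors of n in increasing order (trial division)."""
    out, d = [], 2
    while d * d <= n:
        if n % d == 0:
            out.append(d)
            while n % d == 0:
                n //= d
        d += 1
    if n > 1:
        out.append(n)
    return out


def is_prime(n):
    return n > 1 and prime_factors(n) == [n]


def order(a, q):
    """Multiplicative order of a modulo the prime q (a not divisible by q).
    Start from q-1 and strip every prime factor that is not needed."""
    t = q - 1
    for r in prime_factors(q - 1):
        while t % r == 0 and pow(a, t // r, q) == 1:
            t //= r
    return t


def check_primitive_roots(limit):
    """For each odd prime p < limit, test both primitive-root statements.
    Each row is (statement, p, q, a, a is a primitive root of q)."""
    rows = []
    for p in range(3, limit, 2):
        if not is_prime(p):
            continue
        q = 4 * p + 1
        if is_prime(q):                      # 2 should have order 4p = q-1
            rows.append(("q=4p+1", p, q, 2, order(2, q) == q - 1))
        q = 2 * p + 1
        if is_prime(q):                      # a = 2*(-1)^((p-1)/2), eq. (7.3-63)
            a = 2 * (-1) ** ((p - 1) // 2)
            rows.append(("q=2p+1", p, q, a, order(a % q, q) == q - 1))
    return rows


def mersenne_factor_check(p):
    """Prime factors q of 2^p - 1 with the test q = 1 (mod p) and q = +-1 (mod 8)."""
    return [(q, q % p == 1 and q % 8 in (1, 7)) for q in prime_factors(2 ** p - 1)]


if __name__ == "__main__":
    for row in check_primitive_roots(60):
        print(row)
    for p in (11, 23, 29):
        print(p, mersenne_factor_check(p))
```
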


7.4 QUADRATIC RECIPROCITY 


If p and q are odd prime numbers where $p \ne q$, then
solutions of the two congruences:

$x^2 \equiv p \pmod{q}$  (7.4-1)

$x^2 \equiv q \pmod{p}$  (7.4-2)


are related by a law known as the quadratic reciprocity law. 
This law was proposed by Euler in 1783 based on empirical 
observations. Legendre independently discovered the law in 
1785 and made a couple of attempts to prove the law, but was 
unable to do so. The first proof of the law was obtained by 
Gauss in 1801. The proof of this law is quite difficult, as 
evidenced by the fact that it took Gauss a year of effort to 


obtain it. Gauss considered the law a fundamental theorem of 


higher arithmetic, and he later published five more proofs of it. 
The law of quadratic reciprocity has so intrigued
mathematicians that, since the first proof was found by Gauss, 
more than 200 different proofs of this same law have been 
produced. 

Before presenting the quadratic reciprocity law and its 
proof, we will discuss two propositions that will be used in the 
proof. 


If p is an odd prime number and a is an odd integer where 
gcd(a, p)=1, then: 


where $\left\lfloor \frac{k \cdot a}{p} \right\rfloor$ is a greatest integer function.


Proof: 
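As in the proof of Proposition 7.3-1 (Gauss' lemma), we
will let G be the set of integers:

$G = \{a,\ 2 \cdot a,\ 3 \cdot a,\ \ldots,\ \frac{p-1}{2} \cdot a\}$  (7.4-3)

If each of the elements of this set is divided by p, we have:

$k \cdot a = q_k \cdot p + t_k, \qquad 1 \le t_k \le p - 1$  (7.4-4)

where $1 \le k \le (p-1)/2$. Then we have:

$\frac{k \cdot a}{p} = q_k + \frac{t_k}{p}$  (7.4-5)

or

$\left\lfloor \frac{k \cdot a}{p} \right\rfloor = q_k$  (7.4-6)

Therefore

$k \cdot a = \left\lfloor \frac{k \cdot a}{p} \right\rfloor \cdot p + t_k$  (7.4-7)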
P 
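We will denote the remainder $t_k$ as one of $r_1, r_2, r_3, \ldots, r_m$ if
$t_k < p/2$ or as one of $s_1, s_2, s_3, \ldots, s_n$ if $t_k > p/2$, where $r_i$ and
$s_j$ are defined as in the proof of Proposition 7.3-1. Summing
equation (7.4-7), we have:

$\sum_{k=1}^{(p-1)/2} k \cdot a = p \cdot \sum_{k=1}^{(p-1)/2} \left\lfloor \frac{k \cdot a}{p} \right\rfloor + \sum_{k=1}^{m} r_k + \sum_{k=1}^{n} s_k$  (7.4-8)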


If we let S be the set:

$S = \{r_1, r_2, \ldots, r_m,\ p - s_1, p - s_2, \ldots, p - s_n\}$  (7.4-9)

as in equation (7.3-5), then as was shown in the Proposition
7.3-1 proof, there are (p-1)/2 elements in S, and they are
equal in some order to the integers:

$1, 2, 3, \ldots, \frac{p-1}{2}$  (7.4-10)

Therefore:

$\sum_{k=1}^{(p-1)/2} k = \sum_{k=1}^{m} r_k + \sum_{k=1}^{n} (p - s_k) = p \cdot n + \sum_{k=1}^{m} r_k - \sum_{k=1}^{n} s_k$  (7.4-11)

Subtracting equation (7.4-11) from equation (7.4-8):

$(a - 1) \cdot \sum_{k=1}^{(p-1)/2} k = p \cdot \left( \sum_{k=1}^{(p-1)/2} \left\lfloor \frac{k \cdot a}{p} \right\rfloor - n \right) + 2 \cdot \sum_{k=1}^{n} s_k$  (7.4-12)

Since p and a are both given as odd numbers, p-a, p-1, and
a-1 are all even numbers, and so are divisible by 2. We then
have the congruence:

$p \equiv a \equiv 1 \pmod{2}$  (7.4-13)


Using this congruence to rewrite equation (7.4-12) as a 


congruence, we have: 


(p-1)/2 (p-1)/2 
0- k= I. » wae Tee ys (mod2) (7.4-14) 


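and so:

$n \equiv \sum_{k=1}^{(p-1)/2} \left\lfloor \frac{k \cdot a}{p} \right\rfloor \pmod{2}$  (7.4-15)

We therefore have:

$2 \mid \left( n - \sum_{k=1}^{(p-1)/2} \left\lfloor \frac{k \cdot a}{p} \right\rfloor \right)$  (7.4-16)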

and so the right side of equation (7.4-16) is even. We then can 


write: 
(p-1)! kea 
n- saat ¥ 
cal Py (7.4-17) 
or 
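$(-1)^n = (-1)^{\sum_{k=1}^{(p-1)/2} \lfloor k \cdot a / p \rfloor}$  (7.4-18)

From Gauss' lemma (Proposition 7.3-1), we have:

$\left(\frac{a}{p}\right) = (-1)^n$  (7.4-19)

Therefore:

$\left(\frac{a}{p}\right) = (-1)^{\sum_{k=1}^{(p-1)/2} \lfloor k \cdot a / p \rfloor}$  (7.4-20)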


Example 7.4-1 
Verify Proposition 7.4-1 for p=13 and a=9.

Solution:
We have:

$\frac{p-1}{2} = \frac{13-1}{2} = 6$

and so k = 1, 2, 3, ..., 6. We then have for k and $\left\lfloor \frac{k \cdot a}{p} \right\rfloor$:

k                   1   2   3   4   5   6
floor(k·9/13)       0   1   2   2   3   4

Using Proposition 7.4-1:

$\left(\frac{9}{13}\right) = (-1)^{0+1+2+2+3+4} = (-1)^{12} = 1$


which agrees with the result given in Example 7.3-3. 


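If p and q are distinct odd prime numbers $p \ne q$, then:

Proof:

From Proposition 7.4-1, we have:

$\left(\frac{p}{q}\right) = (-1)^{\sum_{j=1}^{(q-1)/2} \lfloor j \cdot p / q \rfloor}$  (7.4-21)

$\left(\frac{q}{p}\right) = (-1)^{\sum_{k=1}^{(p-1)/2} \lfloor k \cdot q / p \rfloor}$  (7.4-22)

Therefore

$\left(\frac{p}{q}\right) \cdot \left(\frac{q}{p}\right) = (-1)^{\sum_{j=1}^{(q-1)/2} \lfloor j \cdot p / q \rfloor} \cdot (-1)^{\sum_{k=1}^{(p-1)/2} \lfloor k \cdot q / p \rfloor}$  (7.4-23)

or

$\left(\frac{p}{q}\right) \cdot \left(\frac{q}{p}\right) = (-1)^{\sum_{j=1}^{(q-1)/2} \lfloor j \cdot p / q \rfloor + \sum_{k=1}^{(p-1)/2} \lfloor k \cdot q / p \rfloor}$  (7.4-24)

■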


The following proof of the quadratic reciprocity law is a 
geometrical proof using the concept of lattice points. Lattice 
points are points whose geometrical coordinates are all 
integers. This geometrical proof is based upon a proof
developed by Eisenstein (1844). For a discussion of Eisenstein’s 


proof see Laubenbacher and Pengelley (1994). 


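If p and q are odd prime numbers where $p \ne q$, then:

$\left(\frac{p}{q}\right) \cdot \left(\frac{q}{p}\right) = (-1)^{\frac{p-1}{2} \cdot \frac{q-1}{2}}$

Proof:

We will consider a rectangle in the x-y coordinate plane
having the following (x, y) coordinates at its vertices:

$(0, 0), \quad \left(\frac{p}{2}, 0\right), \quad \left(\frac{p}{2}, \frac{q}{2}\right), \quad \left(0, \frac{q}{2}\right)$  (7.4-25)

A diagonal d bisects the rectangle as shown in Figure 7-1.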


The number of lattice points within the rectangle, both
above and below the diagonal d (but not on any boundary line)
can be calculated. The lattice points within the rectangle
include all points (n,m) such that $1 \le n \le (p-1)/2$ and
$1 \le m \le (q-1)/2$. The total number of such points is then:

$\frac{p-1}{2} \cdot \frac{q-1}{2}$  (7.4-26)

The equation of the diagonal d is:

$y = \frac{q}{p} \cdot x$  (7.4-27)

In this equation q/p is never an integer since gcd(p, q)=1.
Moreover, within the rectangle we have x<p. Therefore no
coordinates of lattice points within the rectangle can satisfy
equation (7.4-27) and so no lattice points lie on the diagonal d.


Figure 7-1 Lattice points (larger dots). 


We also see then that both $k \cdot q/p$ and $k \cdot p/q$ can never be
integers when $1 \le k \le (p-1)/2$. If we consider any vertical line
x=k within the rectangle, the number of lattice points on the
line below the diagonal is given by:

$\left\lfloor \frac{k \cdot q}{p} \right\rfloor$  (7.4-28)

where we have used equation (7.4-27). Similarly, if we consider
any horizontal line y=j within the rectangle, the equation of
the diagonal can be written as:

$x = \frac{p}{q} \cdot y$  (7.4-29)

and the number of lattice points on the line y=j above the
diagonal is given by:

$\left\lfloor \frac{j \cdot p}{q} \right\rfloor$  (7.4-30)

where we have used equation (7.4-29). Therefore the total
number of lattice points in the rectangle below the diagonal is:

$\sum_{k=1}^{(p-1)/2} \left\lfloor \frac{k \cdot q}{p} \right\rfloor$  (7.4-31)

and above the diagonal is:

$\sum_{j=1}^{(q-1)/2} \left\lfloor \frac{j \cdot p}{q} \right\rfloor$  (7.4-32)

and so, using equation (7.4-26), the total number of lattice
points within the rectangle is:

$\sum_{j=1}^{(q-1)/2} \left\lfloor \frac{j \cdot p}{q} \right\rfloor + \sum_{k=1}^{(p-1)/2} \left\lfloor \frac{k \cdot q}{p} \right\rfloor = \frac{p-1}{2} \cdot \frac{q-1}{2}$  (7.4-33)

From Proposition 7.4-2, we then have:

$\left(\frac{p}{q}\right) \cdot \left(\frac{q}{p}\right) = (-1)^{\frac{p-1}{2} \cdot \frac{q-1}{2}}$  (7.4-34)
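The lattice-point argument can be checked by brute force. This added example (not the book's code; names are illustrative) enumerates the interior lattice points of the rectangle, confirms that none lie on the diagonal and that the counts below and above it equal the two floor sums of equations (7.4-31) and (7.4-32), and then checks the reciprocity law against Euler's criterion.

```python
def floor_sum(a, p):
    """Sum of floor(k*a/p) for k = 1 .. (p-1)/2, the exponent in equation (7.4-20)."""
    return sum((k * a) // p for k in range(1, (p - 1) // 2 + 1))


def lattice_counts(p, q):
    """Count lattice points (x, y) with 1 <= x <= (p-1)/2 and 1 <= y <= (q-1)/2
    lying below, on, and above the diagonal y = (q/p)*x."""
    below = on = above = 0
    for x in range(1, (p - 1) // 2 + 1):
        for y in range(1, (q - 1) // 2 + 1):
            lhs, rhs = p * y, q * x        # compare y with q*x/p using integers only
            if lhs < rhs:
                below += 1
            elif lhs > rhs:
                above += 1
            else:
                on += 1
    return below, on, above


def legendre_floor(a, p):
    """(a/p) from the floor-sum formula; needs a odd and gcd(a, p) = 1."""
    return -1 if floor_sum(a, p) % 2 else 1


def legendre_euler(a, p):
    """(a/p) from Euler's criterion, used here as an independent check."""
    r = pow(a, (p - 1) // 2, p)
    return -1 if r == p - 1 else r


def reciprocity_failures(primes):
    """Return the pairs (p, q) of distinct odd primes for which any step of the
    lattice-point proof, or the law itself, fails (expected: none)."""
    failures = []
    for p in primes:
        for q in primes:
            if p == q:
                continue
            below, on, above = lattice_counts(p, q)
            total = ((p - 1) // 2) * ((q - 1) // 2)
            ok = (on == 0
                  and below == floor_sum(q, p)          # equation (7.4-31)
                  and above == floor_sum(p, q)          # equation (7.4-32)
                  and below + above == total            # equation (7.4-33)
                  and legendre_floor(p, q) == legendre_euler(p, q)
                  and legendre_floor(p, q) * legendre_floor(q, p) == (-1) ** total)
            if not ok:
                failures.append((p, q))
    return failures


if __name__ == "__main__":
    print("p=7, q=11 (below, on, above):", lattice_counts(7, 11))
    print("floor sum for a=9, p=13:", floor_sum(9, 13))
    print("failures:", reciprocity_failures([3, 5, 7, 11, 13, 17, 19, 23]))
```
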


While the quadratic reciprocity law only applies when p 
and q are both odd prime numbers, by using Proposition 7.2-7 
for negative numbers (-1/p), and Proposition 7.3-2 for even 
numbers (2/p), the utility of the quadratic reciprocity law and 


of the following three propositions can be greatly increased. 


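If p and q are odd prime numbers where $p \ne q$, then:

$\left(\frac{p}{q}\right) \cdot \left(\frac{q}{p}\right) = 1$ if $p \equiv 1 \pmod{4}$ and/or $q \equiv 1 \pmod{4}$

$\left(\frac{p}{q}\right) \cdot \left(\frac{q}{p}\right) = -1$ if $p \equiv q \equiv 3 \pmod{4}$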


Proof: 
From the quadratic reciprocity law (Proposition 7.4-3), we 


have: 


(7.4-35) 


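If $p \equiv 1 \pmod{4}$, then $p - 1 = 4 \cdot k$ or:

$\frac{p-1}{2} = 2 \cdot k$  (7.4-36)

and so (p-1)/2 is even. Similarly, if $q \equiv 1 \pmod{4}$, then (q-1)/2
is even. Therefore from equation (7.4-35), we have:

$\left(\frac{p}{q}\right) \cdot \left(\frac{q}{p}\right) = 1$  (7.4-37)

If $p \equiv q \equiv 3 \pmod{4}$, then $p - 3 = 4 \cdot k$ or $p - 1 = 4 \cdot k + 2$, and
so:

$\frac{p-1}{2} = 2 \cdot k + 1$  (7.4-38)

Similarly, $q - 3 = 4 \cdot k$ or $q - 1 = 4 \cdot k + 2$, and so

$\frac{q-1}{2} = 2 \cdot k + 1$  (7.4-39)

Therefore both (p-1)/2 and (q-1)/2 are odd, and so their
product is odd. From equation (7.4-35), we then have: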


(7.4-40) 


From Proposition 7.4-4 we see that if $p \equiv q \equiv 3 \pmod{4}$, then
one of the congruences $x^2 \equiv q \pmod{p}$ and $x^2 \equiv p \pmod{q}$ will
have a solution and the other will not.


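If p and q are odd prime numbers where $p \ne q$, then:

$\left(\frac{p}{q}\right) = \left(\frac{q}{p}\right)$ if $p \equiv 1 \pmod{4}$ and/or $q \equiv 1 \pmod{4}$

$\left(\frac{p}{q}\right) = -\left(\frac{q}{p}\right)$ if $p \equiv q \equiv 3 \pmod{4}$

Proof:
From Proposition 7.4-4, if $p \equiv 1 \pmod{4}$ or $q \equiv 1 \pmod{4}$,
then:

$\left(\frac{p}{q}\right) \cdot \left(\frac{q}{p}\right) = 1$  (7.4-41)

and so we must have:

$\left(\frac{p}{q}\right) = \left(\frac{q}{p}\right)$  (7.4-42)

From Proposition 7.4-4, if $p \equiv q \equiv 3 \pmod{4}$, then:

$\left(\frac{p}{q}\right) \cdot \left(\frac{q}{p}\right) = -1$  (7.4-43)

and so we must have:

$\left(\frac{p}{q}\right) = -\left(\frac{q}{p}\right)$  (7.4-44)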


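If p and q are odd prime numbers where $p \ne q$, then:

$\left(\frac{p}{q}\right) = (-1)^{\frac{p-1}{2} \cdot \frac{q-1}{2}} \cdot \left(\frac{q}{p}\right)$

Proof:
From the quadratic reciprocity law (Proposition 7.4-3), we
have:

$\left(\frac{p}{q}\right) \cdot \left(\frac{q}{p}\right) = (-1)^{\frac{p-1}{2} \cdot \frac{q-1}{2}}$  (7.4-45)

Multiplying this equation by (q/p) using Proposition 7.2-4:

$\left(\frac{p}{q}\right) \cdot \left(\frac{q^2}{p}\right) = (-1)^{\frac{p-1}{2} \cdot \frac{q-1}{2}} \cdot \left(\frac{q}{p}\right)$  (7.4-46)

From Proposition 7.2-5, we have:

$\left(\frac{q^2}{p}\right) = 1$  (7.4-47)

and so:

$\left(\frac{p}{q}\right) = (-1)^{\frac{p-1}{2} \cdot \frac{q-1}{2}} \cdot \left(\frac{q}{p}\right)$  (7.4-48)

Example 7.4-2

Determine $\left(\frac{37}{73}\right)$.

Solution:
From Proposition 7.4-5:

$\left(\frac{37}{73}\right) = \left(\frac{73}{37}\right)$

Since

$73 \equiv 36 \equiv -1 \pmod{37}$

we can write:

$\left(\frac{37}{73}\right) = \left(\frac{73}{37}\right) = \left(\frac{-1}{37}\right)$

But we have:

$37 \equiv 1 \pmod{4}$

Therefore from Proposition 7.2-7:

$\left(\frac{37}{73}\right) = \left(\frac{-1}{37}\right) = 1$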


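Example 7.4-3
Is $x^2 \equiv 7 \pmod{137}$ solvable?

Solution:
From Proposition 7.4-5:

$\left(\frac{7}{137}\right) = \left(\frac{137}{7}\right)$

and so either

$x^2 \equiv 7 \pmod{137}$

and

$x^2 \equiv 137 \pmod{7}$

are both solvable or neither is solvable. Since

$137 \equiv 4 \pmod{7}$

we have using Proposition 7.2-5:

$\left(\frac{7}{137}\right) = \left(\frac{137}{7}\right) = \left(\frac{4}{7}\right) = 1$

This means $x^2 \equiv 7 \pmod{137}$ is solvable.

Proposition 7.4-7:
If p is an odd prime number, then

$\left(\frac{3}{p}\right) = 1$ if $p \equiv 1 \pmod{12}$ or $p \equiv 11 \pmod{12}$

$\left(\frac{3}{p}\right) = -1$ if $p \equiv 5 \pmod{12}$ or $p \equiv 7 \pmod{12}$

or

$\left(\frac{3}{p}\right) = 1$ if $p \equiv \pm 1 \pmod{12}$

$\left(\frac{3}{p}\right) = -1$ if $p \equiv \pm 5 \pmod{12}$

Proof:
From Proposition 7.4-5 we can write:

$\left(\frac{3}{p}\right) = \left(\frac{p}{3}\right)$ if $p \equiv 1 \pmod{4}$  (7.4-49)

$\left(\frac{3}{p}\right) = -\left(\frac{p}{3}\right)$ if $p \equiv 3 \pmod{4}$  (7.4-50)

$p \equiv 1 \pmod{3}$  (7.4-51)

or

$p \equiv 2 \pmod{3}$  (7.4-52)

If $p \equiv 1 \pmod{3}$ then by Proposition 7.2-2 and equation 7.2-5 we
have:

$\left(\frac{p}{3}\right) = \left(\frac{1}{3}\right) = 1$ if $p \equiv 1 \pmod{3}$  (7.4-53)

If $p \equiv 2 \pmod{3}$ then by Propositions 7.2-2 and 7.3-3 we have:

$\left(\frac{p}{3}\right) = \left(\frac{2}{3}\right) = (-1)^{(3^2 - 1)/8} = -1$ if $p \equiv 2 \pmod{3}$  (7.4-54)

Summarizing, we have:

Case 1:  $\left(\frac{3}{p}\right) = \left(\frac{p}{3}\right) = 1$ if $p \equiv 1 \pmod{4}$ and $p \equiv 1 \pmod{3}$  (7.4-55)

Case 2:  $\left(\frac{3}{p}\right) = -\left(\frac{p}{3}\right) = 1$ if $p \equiv 3 \pmod{4}$ and $p \equiv 2 \pmod{3}$  (7.4-56)

Case 3:  $\left(\frac{3}{p}\right) = \left(\frac{p}{3}\right) = -1$ if $p \equiv 1 \pmod{4}$ and $p \equiv 2 \pmod{3}$  (7.4-57)

Case 4:  $\left(\frac{3}{p}\right) = -\left(\frac{p}{3}\right) = -1$ if $p \equiv 3 \pmod{4}$ and $p \equiv 1 \pmod{3}$  (7.4-58)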

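Solving these systems of linear congruences using the Chinese
remainder theorem (Proposition 5.2-3), we have:

$M = 4 \cdot 3 = 12$  (7.4-59)

$M_1 = \frac{M}{4} = 3$  (7.4-60)

$M_2 = \frac{M}{3} = 4$  (7.4-61)

$3 \cdot y_1 \equiv 1 \pmod{4} \Rightarrow y_1 \equiv 3 \pmod{4}$  (7.4-62)

$4 \cdot y_2 \equiv 1 \pmod{3} \Rightarrow y_2 \equiv 1 \pmod{3}$  (7.4-63)

Using:

$x \equiv r_1 \cdot M_1 \cdot y_1 + r_2 \cdot M_2 \cdot y_2 \pmod{M}$  (7.4-64)

we have:

Case 1:
$p \equiv 1 \cdot 3 \cdot 3 + 1 \cdot 4 \cdot 1 = 13 \equiv 1 \pmod{12}$  (7.4-65)

Case 2:
$p \equiv 3 \cdot 3 \cdot 3 + 2 \cdot 4 \cdot 1 = 35 \equiv -1 \equiv 11 \pmod{12}$  (7.4-66)

Case 3:
(7.4-67)

Case 4:
$p \equiv 3 \cdot 3 \cdot 3 + 1 \cdot 4 \cdot 1 = 31 \equiv -5 \equiv 7 \pmod{12}$  (7.4-68)

We then have:

$\left(\frac{3}{p}\right) = 1$ if $p \equiv 1 \pmod{12}$ or $p \equiv 11 \pmod{12}$  (7.4-69)

$\left(\frac{3}{p}\right) = -1$ if $p \equiv 5 \pmod{12}$ or $p \equiv 7 \pmod{12}$  (7.4-70)

or

$\left(\frac{3}{p}\right) = 1$ if $p \equiv \pm 1 \pmod{12}$  (7.4-71)

$\left(\frac{3}{p}\right) = -1$ if $p \equiv \pm 5 \pmod{12}$  (7.4-72)
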

7.5 QUADRATIC CONGRUENCES WITH A 
PRIME POWER MODULUS 


We will now consider congruences having the form: 
$x^2 \equiv a \pmod{p^k}$  (7.5-1)


where k>1, p is a prime number, and where gcd(a, p)=1. We 
will determine how many solutions exist for congruences 
having a prime power modulus. We will also present a method 


for solving such congruences. 


If p is an odd prime number and if gcd(a, p)=1, then
$x^2 \equiv a \pmod{p^n}$ where $n \in N$ is solvable if and only if
$x^2 \equiv a \pmod{p}$ is solvable.

Proof:
If the congruence:

$x^2 \equiv a \pmod{p^n}$  (7.5-2)

is solvable, then

$x^2 \equiv a \pmod{p}$  (7.5-3)

must also be solvable since if $p^n \mid (x^2 - a)$ then $p \mid (x^2 - a)$.
Conversely, if equation (7.5-3) is solvable, then using
mathematical induction we can show that equation (7.5-2) is
solvable for $n \in N$.
When n=1, equation (7.5-2) becomes equation (7.5-3),
which, by hypothesis, is solvable.
We will next assume that equation (7.5-2) is solvable for

$x^2 \equiv a \pmod{p^k}$  (7.5-4)

Finally, to show that

$x^2 \equiv a \pmod{p^{k+1}}$  (7.5-5)

is solvable, we will establish a solution of this equation. If x=b
is a solution of equation (7.5-4), we must have:

$b^2 = a + l \cdot p^k$  (7.5-6)

for some $l \in Z$. This equation can be solved for l.

The residue class of b will consist of all integers
$b = a + j \cdot p^k$. Included in this residue class will be the integers
$b = a + j \cdot p^{k+1}$ for certain values of j. Therefore solutions of
$x^2 \equiv a \pmod{p^{k+1}}$ can be obtained from solutions of
$x^2 \equiv a \pmod{p^k}$ by determining the appropriate values of j. We
begin by setting:

$x = b + j \cdot p^k$  (7.5-7)

We then have:

$x^2 = (b + j \cdot p^k)^2 \equiv a \pmod{p^{k+1}}$  (7.5-8)

or

$x^2 = b^2 + 2 \cdot b \cdot j \cdot p^k + j^2 \cdot p^{2k} \equiv a \pmod{p^{k+1}}$  (7.5-9)

Since $p^{2k} \ge p^{k+1}$, we have:

$x^2 \equiv b^2 + 2 \cdot b \cdot j \cdot p^k \equiv a \pmod{p^{k+1}}$  (7.5-10)

Using equation (7.5-6), we can write:

$x^2 \equiv a + l \cdot p^k + 2 \cdot b \cdot j \cdot p^k \equiv a \pmod{p^{k+1}}$  (7.5-11)

or

$x^2 \equiv a + p^k \cdot (l + 2 \cdot b \cdot j) \equiv a \pmod{p^{k+1}}$  (7.5-12)

For equation (7.5-12) to be identical to equation (7.5-5), we must
have:

$l + 2 \cdot b \cdot j \equiv 0 \pmod{p}$  (7.5-13)

or

$2 \cdot b \cdot j \equiv -l \pmod{p}$  (7.5-14)

This is a linear congruence that has one solution since
$\gcd(2 \cdot b, p) = 1$ (see Proposition 5.1-2). Therefore j can be
determined, and so $x = b + j \cdot p^k$ is a solution of $x^2 \equiv a \pmod{p^{k+1}}$.

Therefore the congruence $x^2 \equiv a \pmod{p^n}$ is solvable when
$x^2 \equiv a \pmod{p}$ is solvable. ■


$6^2 = 15 + l_1 \cdot 7$

for some $l_1 \in Z$. Solving this equation, we find $l_1 = 3$. From
equation (7.5-13) we then have:

$l_1 + 2 \cdot b \cdot j_1 \equiv 0 \pmod{p}$

$3 + 2 \cdot 6 \cdot j_1 \equiv 0 \pmod{7}$

Therefore $j_1 = 5$. We then have:

$x = b + p \cdot j_1 = 6 + 7 \cdot 5 = 41$

and so

$41^2 \equiv 15 \pmod{7^2}$

We must then have:

$41^2 = 15 + l_2 \cdot 7^2$

and so $l_2 = 34$. From equation (7.5-13) we then have:

$34 + 2 \cdot 41 \cdot j_2 \equiv 0 \pmod{7}$

Therefore $j_2 = 3$. We then have:

$x = b + p^2 \cdot j_2 = 41 + 7^2 \cdot 3 = 188$

and so:

$188^2 \equiv 15 \pmod{7^3}$

x=188 is a solution of $x^2 \equiv 15 \pmod{7^3}$, and so the two
solutions are $x = \pm 188$, or x=188 and $x = 7^3 - 188 = 155$.
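The lifting step used in the proof and in the worked example (solve l + 2·b·j ≡ 0 (mod p), then set x = b + j·p^k) is short to implement. The block below is an added example, not the book's code; the function names are illustrative, and the starting root modulo p is found by search on the assumption that p is small.

```python
def lift_once(b, a, p, k):
    """Given b with b^2 = a (mod p^k), p an odd prime and gcd(a, p) = 1,
    return (x, l, j) where x = b + j*p^k satisfies x^2 = a (mod p^(k+1))."""
    pk = p ** k
    if (b * b - a) % pk != 0:
        raise ValueError("b is not a root modulo p^k")
    l = (b * b - a) // pk                   # b^2 = a + l*p^k, equation (7.5-6)
    j = (-l * pow(2 * b, -1, p)) % p        # l + 2*b*j = 0 (mod p), equation (7.5-13)
    return b + j * pk, l, j


def lift_root(b, a, p, n):
    """Lift a root b modulo p up to a root modulo p^n, recording every step."""
    steps = []
    for k in range(1, n):
        b, l, j = lift_once(b, a, p, k)
        steps.append({"k": k, "l": l, "j": j, "x": b})
    return b, steps


def roots_mod_prime_power(a, p, n):
    """Both roots of x^2 = a (mod p^n), or [] when a is a nonresidue modulo p."""
    if pow(a, (p - 1) // 2, p) != 1:        # Euler's criterion
        return []
    b = next(x for x in range(1, p) if (x * x - a) % p == 0)
    x, _ = lift_root(b, a, p, n)
    modulus = p ** n
    return sorted({x % modulus, -x % modulus})


if __name__ == "__main__":
    # the worked example: a = 15, p = 7, starting from b = 6
    x, steps = lift_root(6, 15, 7, 3)
    for s in steps:
        print(s)
    print("root:", x, "all roots mod 7^3:", roots_mod_prime_power(15, 7, 3))
```
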


If p is an odd prime number and if gcd(a, p)=1, then
$x^2 \equiv a \pmod{p^k}$ either has no solution or exactly two
incongruent solutions.

Proof:
If $x^2 \equiv a \pmod{p^k}$ has no solution, the proposition is true.

If $x^2 \equiv a \pmod{p^k}$ has a solution $x = x_0$, then we have:

$x^2 \equiv x_0^2 \pmod{p^k}$  (7.5-15)

or

$(x - x_0) \cdot (x + x_0) \equiv 0 \pmod{p^k}$  (7.5-16)

and so $p^k \mid (x - x_0) \cdot (x + x_0)$. Therefore $p \mid (x - x_0) \cdot (x + x_0)$.

If p can divide both factors $x + x_0$ and $x - x_0$, then it can
divide both their sum $2 \cdot x$ and their difference $-2 \cdot x_0$. Since p
is an odd prime number, however, it cannot divide 2. Therefore
p must divide both x and $x_0$. From $x^2 \equiv a \pmod{p^k}$ we can
write:

$x^2 - a = l \cdot p^k$  (7.5-17)

or

$x^2 = a + l \cdot p^k$  (7.5-18)

Therefore if p divides x, it will divide $x^2$ and so must divide a.
But this is impossible since gcd(a, p)=1. We can conclude that
p does not divide x or $x_0$.

Therefore p can only divide one of the factors $x + x_0$ and
$x - x_0$. We then have:

$x \equiv x_0 \pmod{p}$  (7.5-19)

or

$x \equiv -x_0 \pmod{p}$  (7.5-20)

and so $x^2 \equiv a \pmod{p^k}$ has exactly two solutions modulo p:
$x = \pm x_0$. ■


We will now examine congruences of the form
$x^2 \equiv a \pmod{2^k}$. We will consider the four cases: k=1, 2, 3, and
$\ge 4$.

Case 1:
If a is an odd integer, then $x^2 \equiv a \pmod{2}$ is solvable and
this congruence is equivalent to $x^2 \equiv 1 \pmod{2}$. This congruence
has only one solution: x=1 (see Example 7.1-11).

Case 2:

If a is an odd integer, then $x^2 \equiv a \pmod{2^2}$ has two solutions if
$a \equiv 1 \pmod{4}$, and no solutions if $a \equiv 3 \pmod{4}$.

Proof:

We are given $x^2 \equiv a \pmod{4}$. Since we are also given that a
is an odd integer, then x must also be an odd integer so that
$4 \mid (x^2 - a)$. Therefore we have $x = 2 \cdot k + 1$ where $k \in Z$. Then:

$x^2 = 4 \cdot k^2 + 4 \cdot k + 1 \equiv a \pmod{4}$  (7.5-21)

or

$x^2 \equiv 1 \pmod{4}$  (7.5-22)

Therefore $x^2 \equiv a \pmod{2^2}$ is solvable only if $a \equiv 1 \pmod{4}$. If
$a \equiv 3 \pmod{4}$ then $x^2 \equiv a \pmod{2^2}$ has no solutions. There are two
solutions of $x^2 \equiv 1 \pmod{2^2}$. These are: $x = \pm 1$, or x=1 and
x = 4-1 = 3. ■


Case 3:

If a is an odd integer, then $x^2 \equiv a \pmod{2^3}$ is solvable only if
$a \equiv 1 \pmod{8}$. There are then four solutions.

Proof:
We are given $x^2 \equiv a \pmod{8}$. Since we are also given that a
is an odd integer, then x must also be an odd integer so that
$8 \mid (x^2 - a)$. Therefore we have $x = 2 \cdot k + 1$ where $k \in Z$, and so:

$x^2 = 4 \cdot k^2 + 4 \cdot k + 1 = 8 \cdot \frac{k \cdot (k+1)}{2} + 1 \equiv a \pmod{8}$  (7.5-23)

or

(7.5-24)

Therefore $x^2 \equiv a \pmod{2^3}$ is solvable only if $a \equiv 1 \pmod{8}$. There
are then four solutions of $x^2 \equiv 1 \pmod{2^3}$. These are: $x = \pm 1$ and
$x = \pm 3$. We then have: x=1, x=8-1=7, x=3 and x=8-3=5.


Case 4:

If a is an odd integer, then $x^2 \equiv a \pmod{2^k}$ where $k \ge 3$ is
solvable if and only if $a \equiv 1 \pmod{8}$.

Proof:
If $x^2 \equiv a \pmod{2^k}$ is solvable where $k \ge 3$, then
$x^2 \equiv a \pmod{2^3}$ must be solvable, and so from Proposition 7.5-4
we must have $a \equiv 1 \pmod{8}$.

Conversely, if $a \equiv 1 \pmod{8}$, then we can now prove by
mathematical induction that $x^2 \equiv 1 \pmod{2^n}$ is solvable for $n \ge 3$.

From Proposition 7.5-4 we know that $x^2 \equiv a \pmod{2^3}$ is
solvable if $a \equiv 1 \pmod{8}$.

We next assume that $x^2 \equiv a \pmod{2^k}$ where $k \ge 3$ is solvable
if $a \equiv 1 \pmod{8}$. If b is a solution of $x^2 \equiv a \pmod{2^k}$, then b must
be an odd integer, and we must have:

$b^2 = a + l \cdot 2^k$  (7.5-25)

for some $l \in Z$. The residue class of b will include all integers
$b = a + j \cdot 2^{k-1}$. Moreover, included in this residue class will be
the integers $b = a + j \cdot 2^{k+1}$ for certain values of j. Therefore
solutions of $x^2 \equiv a \pmod{2^{k+1}}$ can be obtained from solutions of
$x^2 \equiv a \pmod{2^k}$ by determining the appropriate values of j. We
begin by setting:

$x = b + j \cdot 2^{k-1}$  (7.5-26)

We then have:

$(b + j \cdot 2^{k-1})^2 = b^2 + b \cdot j \cdot 2^k + j^2 \cdot 2^{2k-2} \equiv a \pmod{2^{k+1}}$  (7.5-27)

or since $k \ge 3$, then $2 \cdot k - 2 \ge k + 1$, and so:

$x^2 \equiv b^2 + b \cdot j \cdot 2^k \pmod{2^{k+1}}$  (7.5-28)

Using equation (7.5-25) we can write:

$x^2 \equiv a + l \cdot 2^k + b \cdot j \cdot 2^k \pmod{2^{k+1}}$  (7.5-29)

or

$x^2 \equiv a + (l + j \cdot b) \cdot 2^k \pmod{2^{k+1}}$  (7.5-30)

For equation (7.5-30) to be identical to:

$x^2 \equiv a \pmod{2^{k+1}}$  (7.5-31)

we must have:

$l + j \cdot b \equiv 0 \pmod{2}$  (7.5-32)

or

$b \cdot j \equiv -l \pmod{2}$  (7.5-33)

This is a linear congruence that has one solution since b is an
odd integer and so we have gcd(b,2)=1 (see Proposition 5.1-2).
Therefore j can be determined, and so $x = b + j \cdot 2^{k-1}$ is a
solution of $x^2 \equiv a \pmod{2^{k+1}}$.

By induction then $x^2 \equiv a \pmod{2^k}$ is solvable for $k \ge 3$ if
$a \equiv 1 \pmod{8}$. ■


If a is an odd integer, then $x^2 \equiv a \pmod{2^k}$ where $k \ge 3$ has
exactly four solutions if $a \equiv 1 \pmod{8}$.

Proof:

If $a \equiv 1 \pmod{8}$, we know from Proposition 7.5-4 that
$x^2 \equiv a \pmod{2^3}$ is solvable and has exactly four solutions. We
also know from Proposition 7.5-5 that $x^2 \equiv a \pmod{2^k}$ where
$k \ge 3$ is solvable.

If $x_0$ is one solution of $x^2 \equiv a \pmod{2^k}$, then we have:

$x^2 - x_0^2 = (x - x_0) \cdot (x + x_0) \equiv 0 \pmod{2^k}$  (7.5-34)

where x and $x_0$ are odd integers since a is an odd integer.
Therefore we can write:


{ E 


(5%). 2* |= 0(moa2") 


(7.5-35) 


We also have: 


=X (7.5-36) 


=~ “0 = x, (7.5-37) 


Since x and $x_0$ are odd integers, one of the two factors
$(x + x_0)/2$ and $(x - x_0)/2$ has to be even and the other odd.
Because one of the two factors $(x + x_0)/2$ and $(x - x_0)/2$ is even,
in addition to equation (7.5-34) we will have:


x” = Xp =(x—x,)*(x+x,) = 0(mod2‘*) (7.5-38) 
and so solutions of $x^2 \equiv a \pmod{2^k}$ are given by:

$x = x_0 + l_1 \cdot 2^{k-1}$  (7.5-39)

$x = -x_0 + l_2 \cdot 2^{k-1}$  (7.5-40)

We then have four solutions:

$x \equiv x_0 \pmod{2^k}$  (7.5-41)

$x \equiv -x_0 \pmod{2^k}$  (7.5-42)

$x \equiv x_0 + 2^{k-1} \pmod{2^k}$  (7.5-43)

$x \equiv -x_0 - 2^{k-1} \pmod{2^k}$  (7.5-44)


The number of solutions n existing for $x^2 \equiv a \pmod{2^k}$ is
summarized in Table 7-2.

Table 7-2. Number of solutions n of $x^2 \equiv a \pmod{2^k}$.

Example 7.5-2
Is $x^2 \equiv 66 \pmod{2^3}$ solvable?

Solution:

Since $66 \not\equiv 1 \pmod{8}$, then by Proposition 7.5-4 the congruence
$x^2 \equiv 66 \pmod{2^3}$ is not solvable.

Example 7.5-3
Find all solutions of $x^2 \equiv 33 \pmod{2^4}$.

Solution:

Since $33 \equiv 1 \pmod{8}$, then by Proposition 7.5-6 the congruence
$x^2 \equiv 33 \pmod{2^4}$ is solvable.
First we find a solution of $x^2 \equiv 33 \pmod{2^3}$. We have x=1 is a
solution. Therefore using equation (7.5-25):

Therefore l = -4. We then have from equation (7.5-33):

$1 \cdot j \equiv 4 \pmod{2}$

and so j=2. From equation (7.5-26) we have:

$x = b + j \cdot 2^2 = 1 + 2 \cdot 2^2 = 9$

and so x=9 is a solution of $x^2 \equiv 33 \pmod{2^4}$. From
Proposition 7.5-6, the four solutions of $x^2 \equiv 33 \pmod{2^4}$ are:

$x \equiv 1 \pmod{2^4}$

$x \equiv -1 \equiv 15 \pmod{2^4}$

$x \equiv 1 + 2^3 \equiv 9 \pmod{2^4}$

$x \equiv -1 - 2^3 \equiv -9 \equiv 7 \pmod{2^4}$

and so the solutions are x = 1, 7, 9, 15.

7.6 QUADRATIC CONGRUENCES WITH
COMPOSITE MODULI

We will now consider congruences having the form:

$x^2 \equiv a \pmod{m}$  (7.6-1)


where m is a composite integer, and where gcd(a,m)=1. Since 
m is a composite integer, it has a prime factorization 


representation: 

Mm = po « pS eve pm (7.6-2) 
and so equation (7.6-1) becomes: 

x? =a(mod pi" + ps? +--+ pi") (7.6-3) 
Any solution of the congruence in equation (7.6-3) must also be 


a solution of the set of simultaneous congruences having prime 


power moduli: 


se a(mod pis ) 


a(mod ps ) 


x 
(7.6-4) 
x= a(mod Pp," ) 
as is shown in Proposition 7.6-1. If solutions can be found to 
each of the individual prime power congruences in equation
(7.6-4), then solutions of the entire set of simultaneous 


congruences can be found using the Chinese remainder 


theorem (Proposition 5.2-3). 


If b is a solution of x° =a(modm) where the prime factorization 
of m is m= py" « pS? +--+» p* and where gcd(a,m)=1, then b 
must also be a solution of each of the equations x° = a(mod De ) 


where k=1 ton. 


Proof: 


The quadratic congruence:

$x^2 \equiv a \pmod{m}$  (7.6-5)

is equivalent to $m \mid (x^2 - a)$, and so if b is a solution of
$x^2 \equiv a \pmod{m}$, we must have:

Die pS ope |(b° a) (7.6-6) 
and so for each p;* we must have: 

pi \(b° a) (76:7) 


Therefore if b is a solution of $x^2 \equiv a \pmod{m}$, then b must also
be a solution of each of the simultaneous equations:


(7.6-8) 


Example 7.6-1 
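Find all solutions of $x^2 \equiv 5 \pmod{295}$.

Solution:
The prime factorization of 295 is:

$295 = 5 \cdot 59$

Therefore we have:

$x^2 \equiv 5 \pmod{5}$

$x^2 \equiv 5 \pmod{59}$

The congruence $x^2 \equiv 5 \pmod{5}$ has one solution: x = 0, and the
congruence $x^2 \equiv 5 \pmod{59}$ has two solutions: x = 8, 51.

Using the Chinese remainder theorem (Proposition 5.2-3)
with:

$M = 5 \cdot 59 = 295$

$M_1 = \frac{M}{5} = 59$

$M_2 = \frac{M}{59} = 5$

$59 \cdot y_1 \equiv 1 \pmod{5} \Rightarrow y_1 \equiv -1 \pmod{5}$

$5 \cdot y_2 \equiv 1 \pmod{59} \Rightarrow y_2 \equiv 12 \pmod{59}$

We can use:

$x_i \equiv r_1 \cdot M_1 \cdot y_1 + r_2 \cdot M_2 \cdot y_2 \pmod{M}$

to obtain:

$x_i \equiv r_1 \cdot 59 \cdot (-1) + r_2 \cdot 5 \cdot 12 \pmod{295}$

or

$x_i \equiv -59 \cdot r_1 + 60 \cdot r_2 \pmod{295}$

Using the following combinations of $r_1$ and $r_2$ from the
solutions of $x^2 \equiv 5 \pmod{5}$ and $x^2 \equiv 5 \pmod{59}$:

r_1    r_2
0      8
0      51

we find the 2 solutions of $x^2 \equiv 5 \pmod{295}$:

$x_1 \equiv -59 \cdot 0 + 60 \cdot 8 = 480 \pmod{295}$

$x_2 \equiv -59 \cdot 0 + 60 \cdot 51 = 3060 \pmod{295}$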


7.7 JACOBI’S SYMBOL

The Legendre symbol (a/p) is defined only when the integer p is an odd prime number. The Jacobi symbol (a/m) is a generalization of the Legendre symbol for which gcd(a,m)=1, and for which the integer m is a positive odd composite number having the prime factorization:

$m = p_1 \cdot p_2 \cdot p_3 \cdots p_n$ (7.7-1)

where the $p_i$ are not necessarily distinct. The Jacobi symbol is defined as:

$\left(\frac{a}{m}\right) = \prod_{i=1}^{n} \left(\frac{a}{p_i}\right)$ (7.7-2)

where all the factors on the right side of equation (7.7-2) are Legendre symbols. If m is an odd prime integer, then the Jacobi symbol (a/m) is equal to (and the same as) the corresponding Legendre symbol.

The Jacobi symbol always takes one of the following values: {-1, 0, 1}. Specifically:

$\left(\frac{a}{m}\right) = \begin{cases} 0 & \text{if } \gcd(a,m) \neq 1 \\ \pm 1 & \text{if } \gcd(a,m) = 1 \end{cases}$ (7.7-3)

If (a/m)=-1, then a is a quadratic nonresidue modulo m. If (a/m)=1, then a may or may not be a quadratic residue modulo m. While it is necessary that (a/m)=1 for a to be a quadratic residue modulo m, it is not sufficient.

For $x^2 \equiv a \pmod{m}$ to have a solution, $x^2 \equiv a \pmod{p_i}$ must also have a solution for all $p_i$ in the prime factorization of m. Any pair of factors $p_i$ of m for which a is individually a quadratic nonresidue will result in a +1 factor for (a/m), as shown in Example 7.7-1.


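Example 7.7-1

Determine $\left(\frac{2}{65}\right)$.

Solution:

From the definition of the Jacobi symbol we have:

$\left(\frac{2}{65}\right) = \left(\frac{2}{5}\right)\left(\frac{2}{13}\right)$

From Proposition 7.3-3, we have:

$\left(\frac{2}{5}\right) = (-1)^{(5^2-1)/8} = (-1)^{3} = -1$

$\left(\frac{2}{13}\right) = (-1)^{(13^2-1)/8} = (-1)^{21} = -1$

Therefore:

$\left(\frac{2}{65}\right) = (-1)(-1) = 1$

This example shows that $x^2 \equiv 2 \pmod{65}$ does not have a solution (although (2/65)=1), since both $x^2 \equiv 2 \pmod{5}$ and $x^2 \equiv 2 \pmod{13}$ do not have solutions.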


If $a \in \mathbb{Z}$ and m is a positive odd integer, then:


if and only if $\gcd(a,m) \neq 1$.

Proof:
Follows from the definition of the Jacobi and Legendre symbols. ■


If m is a positive odd integer, then:

$\left(\frac{1}{m}\right) = 1$ (7.7-4)

Proof:
Follows from equation (7.2-5) and the definition of the Jacobi symbol. ■


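If m is a positive odd integer and a and b are any integers where $\gcd(a \cdot b, m) = 1$, then if $a \equiv b \pmod{m}$, we have:

$\left(\frac{a}{m}\right) = \left(\frac{b}{m}\right)$

Proof:

Let the prime factorization of m be:

$m = \prod_{i=1}^{n} p_i$ (7.7-6)

where the $p_i$ are not necessarily distinct. If $a \equiv b \pmod{m}$, then $a \equiv b \pmod{p_i}$ for all $p_i$ in the prime factorization of m. From Proposition 7.2-2 and the definition of the Jacobi symbol, we therefore have:

$\left(\frac{a}{m}\right) = \prod_{i=1}^{n} \left(\frac{a}{p_i}\right) = \prod_{i=1}^{n} \left(\frac{b}{p_i}\right) = \left(\frac{b}{m}\right)$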


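If m is a positive odd integer and if a and b are any integers where $\gcd(a \cdot b, m) = 1$, then:

$\left(\frac{a \cdot b}{m}\right) = \left(\frac{a}{m}\right)\left(\frac{b}{m}\right)$ (7.7-8)

Proof:

Let the prime factorization of m be:

$m = \prod_{i=1}^{n} p_i$ (7.7-9)

where the $p_i$ are not necessarily distinct. From Proposition 7.2-4 and the definition of the Jacobi symbol, we have:

$\left(\frac{a \cdot b}{m}\right) = \prod_{i=1}^{n} \left(\frac{a \cdot b}{p_i}\right) = \prod_{i=1}^{n} \left(\frac{a}{p_i}\right)\left(\frac{b}{p_i}\right) = \left(\frac{a}{m}\right)\left(\frac{b}{m}\right)$ (7.7-10)
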
If m is a positive odd integer and if a is any integer where gcd(a,m)=1, then:

(7.7-11)

Proof:
Follows from Proposition 7.2-5 and the definition of the Jacobi symbol. ■


If m and n are positive odd integers and if a is any integer where $\gcd(a, m \cdot n) = 1$, then:

$\left(\frac{a}{m \cdot n}\right) = \left(\frac{a}{m}\right)\left(\frac{a}{n}\right)$

Proof:
Let the prime factorizations of m and n be:

$m = \prod_{i=1}^{k} p_i$ (7.7-13)

where the $p_i$ are not necessarily distinct, and

$n = \prod_{i=1} q_i$ (7.7-14)

where the $q_i$ are not necessarily distinct. We then have from the definition of the Jacobi symbol:


( 


ee a | 


a 


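If m is a positive odd integer and if a is any integer where gcd(a,m)=1, then:

$\left(\frac{a}{m^2}\right) = 1$

Proof:

From Proposition 7.7-6, we have:

$\left(\frac{a}{m^2}\right) = \left(\frac{a}{m}\right)\left(\frac{a}{m}\right)$ (7.7-16)

Since

$\left(\frac{a}{m}\right) = \pm 1$ (7.7-17)

then from equations (7.7-16) and (7.7-17) we have:

$\left(\frac{a}{m^2}\right) = 1$ (7.7-18)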


The next proposition will be useful in proving Proposition 
7.7-9. 


If m is a positive odd integer having prime factorization: 


i=l 


Proof: 


Since m is a positive odd integer, all $p_i$ in its prime factorization must be odd integers. Therefore each $p_i - 1$ will be an even integer $\geq 2$. This means that the product of two or more $p_i - 1$ must be congruent to 0 modulo 4. If we write m in the form:

$m = [1 + (p_1 - 1)] \cdot [1 + (p_2 - 1)] \cdots [1 + (p_n - 1)]$ (7.7-19)

we have, after multiplying the terms and setting to 0 all terms containing the product of two or more $p_i - 1$ factors:

$m \equiv 1 + (p_1 - 1) + (p_2 - 1) + (p_3 - 1) + \cdots + (p_n - 1) \pmod{4}$ (7.7-20)

or

$m - 1 \equiv \sum_{i=1}^{n} (p_i - 1) \pmod{4}$ (7.7-21)

Since $m - 1$ and all $p_i - 1$ are even, they are all divisible by 2. Therefore we have:


(7.7-22) 


If m is a positive odd integer, then 


Proof: 


Let the prime factorization of m be:

$m = \prod_{i=1}^{n} p_i$ (7.7-23)

where the $p_i$ are not necessarily distinct. From the definition of the Jacobi symbol and Proposition 7.2-9, we have:

$\left(\frac{-1}{m}\right) = \prod_{i=1}^{n} \left(\frac{-1}{p_i}\right) = \prod_{i=1}^{n} (-1)^{(p_i-1)/2} = (-1)^{\sum_{i=1}^{n} (p_i-1)/2}$ (7.7-24)

since the value of the right side of this equation depends entirely on whether the exponent is even or odd. Using Proposition 7.7-8, we can rewrite equation (7.7-24) as:

$\left(\frac{-1}{m}\right) = (-1)^{(m-1)/2}$ (7.7-25)


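If m is a positive odd integer, then

$\left(\frac{-1}{m}\right) = 1$ if $m \equiv 1 \pmod{4}$

$\left(\frac{-1}{m}\right) = -1$ if $m \equiv 3 \pmod{4}$

Proof:

From Proposition 7.7-9, we have:

$\left(\frac{-1}{m}\right) = (-1)^{(m-1)/2}$ (7.7-26)

If (m-1)/2 is even, we have:

$\left(\frac{-1}{m}\right) = 1$ (7.7-27)

and

$\frac{m-1}{2} = 2 \cdot k$ or $m = k \cdot 4 + 1$ (7.7-28)

Therefore:

$m \equiv 1 \pmod{4}$ (7.7-29)

If (m-1)/2 is odd, we have:

$\left(\frac{-1}{m}\right) = -1$ (7.7-30)

and

$\frac{m-1}{2} = 2 \cdot k + 1$ or $m = k \cdot 4 + 3$ (7.7-31)

Therefore:

$m \equiv 3 \pmod{4}$ (7.7-32)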


The next proposition will be useful in proving Proposition 7.7-12.

If m is a positive odd integer having prime factorization:

$m = \prod_{i=1}^{n} p_i$

where the $p_i$ are not necessarily distinct, then


Proof:
We are given:

$m = \prod_{i=1}^{n} p_i$ (7.7-33)

where the $p_i$ are not necessarily distinct. We then also have:

$m^2 = \prod_{i=1}^{n} p_i^2$ (7.7-34)

We can rewrite equation (7.7-34) as:

$m^2 = [1 + (p_1^2 - 1)] \cdot [1 + (p_2^2 - 1)] \cdots [1 + (p_n^2 - 1)]$ (7.7-35)

Since m is a positive odd integer, all $p_i$ in its prime factorization must be odd integers. For each $p_i^2 - 1$, we will then have from Proposition 4.1-28:

$p_i^2 - 1 \equiv 0 \pmod{8}$ (7.7-36)

Therefore the product of two or more $p_i^2 - 1$ factors must be congruent to 0 modulo 64. After multiplying the terms in equation (7.7-35) and setting all products involving two or more $p_i^2 - 1$ factors to 0, we then have:

$m^2 \equiv 1 + (p_1^2 - 1) + (p_2^2 - 1) + \cdots + (p_n^2 - 1) \pmod{64}$ (7.7-37)

or

$m^2 - 1 \equiv \sum_{i=1}^{n} (p_i^2 - 1) \pmod{64}$ (7.7-38)

Since from Proposition 4.1-28 we know that $m^2 - 1$ and all $p_i^2 - 1$ are divisible by 8, we have:

$\frac{m^2 - 1}{8} \equiv \sum_{i=1}^{n} \frac{p_i^2 - 1}{8} \pmod{8}$ (7.7-39)

Of course any integer divisible by 8 is also divisible by 2, and so we can write:

$\frac{m^2 - 1}{8} \equiv \sum_{i=1}^{n} \frac{p_i^2 - 1}{8} \pmod{2}$ (7.7-40)

If m is a positive odd integer, then:

$\left(\frac{2}{m}\right) = (-1)^{(m^2-1)/8}$

Proof:
Let the prime factorization of m be:

$m = \prod_{i=1}^{n} p_i$ (7.7-41)

where the $p_i$ are not necessarily distinct. From the definition of the Jacobi symbol and Proposition 7.3-3, we have:

$\left(\frac{2}{m}\right) = \prod_{i=1}^{n} \left(\frac{2}{p_i}\right) = \prod_{i=1}^{n} (-1)^{(p_i^2-1)/8} = (-1)^{\sum_{i=1}^{n} (p_i^2-1)/8}$ (7.7-42)

since the value of the right side of this equation depends entirely on whether the exponent is even or odd. Using equation (7.7-40), we can rewrite equation (7.7-42) as:

$\left(\frac{2}{m}\right) = (-1)^{(m^2-1)/8}$ (7.7-43)
■


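If m is a positive odd integer, then:

$\left(\frac{2}{m}\right) = 1$ if $m \equiv 1 \pmod{8}$ or $m \equiv 7 \pmod{8}$
$\left(\frac{2}{m}\right) = -1$ if $m \equiv 3 \pmod{8}$ or $m \equiv 5 \pmod{8}$
or
$\left(\frac{2}{m}\right) = 1$ if $m \equiv \pm 1 \pmod{8}$

Proof:

From Proposition 7.7-12, we have:

$\left(\frac{2}{m}\right) = (-1)^{(m^2-1)/8}$ (7.7-44)

From Proposition 4.1-28, we have:

$m^2 - 1 \equiv 0 \pmod{8}$ (7.7-45)

when m is an odd integer. Therefore equation (7.7-45) is valid for m = 1, 3, 5, 7 modulo 8. We can determine if the exponent in equation (7.7-44) is even [$\equiv 0 \pmod{2}$] or odd [$\equiv 1 \pmod{2}$].

If $m = 8 \cdot k + 1$ we have:

$\frac{m^2 - 1}{8} = \frac{(8 \cdot k + 1)^2 - 1}{8} = \frac{64 \cdot k^2 + 16 \cdot k}{8}$ (7.7-46)

and so:

$\frac{m^2 - 1}{8} = 8 \cdot k^2 + 2 \cdot k \equiv 0 \pmod{2}$ (7.7-47)

If $m = 8 \cdot k + 3$ we have:

$\frac{m^2 - 1}{8} = \frac{(8 \cdot k + 3)^2 - 1}{8} = \frac{64 \cdot k^2 + 48 \cdot k + 8}{8}$ (7.7-48)

and so:

$\frac{m^2 - 1}{8} = 8 \cdot k^2 + 6 \cdot k + 1 \equiv 1 \pmod{2}$ (7.7-49)

If $m = 8 \cdot k + 5$ we have:

$\frac{m^2 - 1}{8} = \frac{(8 \cdot k + 5)^2 - 1}{8} = \frac{64 \cdot k^2 + 80 \cdot k + 24}{8}$ (7.7-50)

and so:

$\frac{m^2 - 1}{8} = 8 \cdot k^2 + 10 \cdot k + 3 \equiv 1 \pmod{2}$ (7.7-51)

If $m = 8 \cdot k + 7$ we have:

$\frac{m^2 - 1}{8} = \frac{(8 \cdot k + 7)^2 - 1}{8} = \frac{64 \cdot k^2 + 112 \cdot k + 48}{8}$ (7.7-52)

and so:

$\frac{m^2 - 1}{8} = 8 \cdot k^2 + 14 \cdot k + 6 \equiv 0 \pmod{2}$ (7.7-53)

Therefore from equation (7.7-44) we see:

$\left(\frac{2}{m}\right) = 1$ if $m \equiv 1 \pmod{8}$ or $m \equiv 7 \pmod{8}$ (7.7-54)

$\left(\frac{2}{m}\right) = -1$ if $m \equiv 3 \pmod{8}$ or $m \equiv 5 \pmod{8}$ (7.7-55)

Or

$\left(\frac{2}{m}\right) = 1$ if $m \equiv \pm 1 \pmod{8}$ (7.7-56)

$\left(\frac{2}{m}\right) = -1$ if $m \equiv \pm 3 \pmod{8}$ (7.7-57)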


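Example 7.7-2

For which values of m does (2/m)=-1?

Solution:

From Proposition 7.7-12, we have:

$\left(\frac{2}{m}\right) = (-1)^{(m^2-1)/8}$

For (2/m)=-1, it is necessary that $(m^2-1)/8$ be an odd integer. Therefore:

$\frac{m^2 - 1}{8} = 2 \cdot k + 1$ or $m^2 = 16 \cdot k + 9$

We then have:
$m^2 \equiv 9 \pmod{16}$
Testing values of m:

$1^2 = 1 \not\equiv 9 \pmod{16}$
$2^2 = 4 \not\equiv 9 \pmod{16}$
$3^2 = 9 \equiv 9 \pmod{16}$
$4^2 = 16 \not\equiv 9 \pmod{16}$
$5^2 = 25 \equiv 9 \pmod{16}$
$6^2 = 36 \not\equiv 9 \pmod{16}$
$7^2 = 49 \not\equiv 9 \pmod{16}$
$8^2 = 64 \not\equiv 9 \pmod{16}$
$9^2 = 81 \not\equiv 9 \pmod{16}$
$10^2 = 100 \not\equiv 9 \pmod{16}$
$11^2 = 121 \equiv 9 \pmod{16}$
$12^2 = 144 \not\equiv 9 \pmod{16}$
$13^2 = 169 \equiv 9 \pmod{16}$
$14^2 = 196 \not\equiv 9 \pmod{16}$
$15^2 = 225 \not\equiv 9 \pmod{16}$

and so for m = 3, 5, 11, 13 modulo 16 we have (2/m)=-1. For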


all other values of m modulo 16, we have (2/m) = 


ee ee 


If a and b are positive odd integers where gcd(a,b)=1, then: 


Proof: 


Let the prime factorizations of a and b be: 


a= D; (7.7-58) 


b= [|< (7.7-59) 


where the $p_i$ and $q_j$ are not necessarily distinct, but the $p_i$ all differ from the $q_j$. From the definition of the Jacobi symbol, we have:

ae TTT 2 EE 

De eltley ay 
and 

a neues’ 4 

a | Z T+ (7.7-61) 
We then have: 


5)(2)-TMT EH or 


From the quadratic reciprocity law (Proposition 7.4-3), we can 


write: 


2 Gy ie : - (ot) 9) : 
ite Ge ee 


a 


4S (pi-1) (4-1) 
(2).(2)-cne Ee: (7.7-64) 
where 


yy ee q,-1 “yao Ie (7.7-65) 


p—l eee —ill 


and so equation (7.7-64) becomes: 


Aine ss Le 77-66) 


a 


(*).(2) fi (ieee (7.7-67) 


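If a and b are odd positive integers where gcd(a,b)=1, then:

$\left(\frac{a}{b}\right) \cdot \left(\frac{b}{a}\right) = \begin{cases} 1 & \text{if } a \equiv 1 \pmod{4} \text{ or } b \equiv 1 \pmod{4} \\ -1 & \text{if } a \equiv b \equiv 3 \pmod{4} \end{cases}$

Proof:
From the quadratic reciprocity law for Jacobi symbols (Proposition 7.7-14), we have:

$\left(\frac{a}{b}\right) \cdot \left(\frac{b}{a}\right) = (-1)^{\frac{(a-1)}{2} \cdot \frac{(b-1)}{2}}$ (7.7-68)

If $a \equiv 1 \pmod{4}$, then $a - 1 = 4 \cdot k$ or:

$\frac{a-1}{2} = 2 \cdot k$ (7.7-69)

and so (a-1)/2 is even. Similarly, if $b \equiv 1 \pmod{4}$, then (b-1)/2 is even. Therefore from equation (7.7-68), we have: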


(7.7-70) 


SO: 

Aon = Dek +I (7.7-1) 
Similarly 

7 =2- Haat (77292) 


Therefore both (a—1)/2 and (b-1)/2 are odd, and so their 
product is odd. From equation (7.7-68), we then have: 


(7.7-73) 


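If a and b are odd positive integers where gcd(a,b)=1, then:

$\left(\frac{a}{b}\right) = \begin{cases} \left(\frac{b}{a}\right) & \text{if } a \equiv 1 \pmod{4} \text{ or } b \equiv 1 \pmod{4} \\ -\left(\frac{b}{a}\right) & \text{if } a \equiv b \equiv 3 \pmod{4} \end{cases}$

Proof:
From Proposition 7.7-15, if $a \equiv 1 \pmod{4}$ or $b \equiv 1 \pmod{4}$, then:

$\left(\frac{a}{b}\right) \cdot \left(\frac{b}{a}\right) = 1$ (7.7-74)

and so we must have:

$\left(\frac{b}{a}\right) = \left(\frac{a}{b}\right)$ (7.7-75)

From Proposition 7.7-15, if $a \equiv b \equiv 3 \pmod{4}$, then:

$\left(\frac{a}{b}\right) \cdot \left(\frac{b}{a}\right) = -1$ (7.7-76)

and so we must have:

$\left(\frac{b}{a}\right) = -\left(\frac{a}{b}\right)$ (7.7-77)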


Proof: 
From the quadratic reciprocity law for Jacobi symbols 


(Proposition 7.7-14), we have: 


(7.7-78) 


Multiplying this equation by (b/a) using Proposition 7.2-4 and 
the definition of Jacobi symbols: 


2\ (a-1) (6-1) 
( “|. [ = (-1) 2° 2 {*) (7.7-79) 
Lb y a 
From Propositions 7.7-4 and 7.7-7 we have: 
(*) fi (7.7-80) 
ie 


(7.7-81) 


The quadratic reciprocity law for Jacobi symbols makes it possible to determine Legendre symbols for large numbers without first having to factor these numbers.


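Example 7.7-3

Determine if $x^2 \equiv 33 \pmod{125}$ is solvable.

Solution:
Since $125 \equiv 1 \pmod{4}$, from Proposition 7.7-16 we have:

$\left(\frac{33}{125}\right) = \left(\frac{125}{33}\right)$

We then have:
$125 \equiv 26 \pmod{33}$
and so:

$\left(\frac{33}{125}\right) = \left(\frac{26}{33}\right) = \left(\frac{2}{11}\right) \cdot \left(\frac{13}{3}\right)$

From Proposition 7.3-2 we have:

$\left(\frac{33}{125}\right) = -\left(\frac{13}{3}\right)$

since $11 \equiv 3 \pmod{8}$. We also have:

$13 \equiv 1 \pmod{3}$
and so from Proposition 7.7-2:

$\left(\frac{33}{125}\right) = -\left(\frac{1}{3}\right) = -1$

and so $x^2 \equiv 33 \pmod{125}$ has no solutions.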


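Example 7.7-4

Determine if $x^2 \equiv 31 \pmod{125}$ is solvable.

Solution:

From Proposition 7.7-16 we have:

$\left(\frac{31}{125}\right) = \left(\frac{125}{31}\right)$

since $125 \equiv 1 \pmod{4}$. We then have:
$125 \equiv 1 \pmod{31}$

Therefore using Proposition 7.7-2:

$\left(\frac{31}{125}\right) = \left(\frac{1}{31}\right) = 1$

and so $x^2 \equiv 31 \pmod{125}$ is solvable.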


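Example 7.7-5
Determine if $x^2 \equiv 4851 \pmod{5525}$ is solvable.

Solution:

From Proposition 7.7-16 we have:

$\left(\frac{4851}{5525}\right) = \left(\frac{5525}{4851}\right)$

since $4851 \equiv 3 \pmod{4}$. We then have:
$5525 \equiv 674 \pmod{4851}$
and so from Proposition 7.7-4:

$\left(\frac{4851}{5525}\right) = \left(\frac{674}{4851}\right) = \left(\frac{2}{4851}\right) \cdot \left(\frac{337}{4851}\right)$

From Proposition 7.3-2 we have:

$\left(\frac{4851}{5525}\right) = -\left(\frac{337}{4851}\right)$

since $4851 \equiv 3 \pmod{8}$. From Proposition 7.7-16 we have:

$\left(\frac{4851}{5525}\right) = -\left(\frac{4851}{337}\right)$

since $337 \equiv 1 \pmod{4}$. We then have:

$4851 \equiv 133 \pmod{337}$

and so from Proposition 7.7-16:

$\left(\frac{4851}{5525}\right) = -\left(\frac{133}{337}\right) = -\left(\frac{337}{133}\right)$

since $337 \equiv 1 \pmod{4}$. We then have:
$337 \equiv 71 \pmod{133}$
and so from Proposition 7.7-16:

$\left(\frac{4851}{5525}\right) = -\left(\frac{71}{133}\right) = -\left(\frac{133}{71}\right)$

since $337 \equiv 1 \pmod{4}$. We then have:
$133 \equiv 62 \pmod{71}$
and so from Proposition 7.7-13:

$\left(\frac{4851}{5525}\right) = -\left(\frac{62}{71}\right) = -\left(\frac{2}{71}\right) \cdot \left(\frac{31}{71}\right) = -\left(\frac{31}{71}\right)$

since $71 \equiv 7 \pmod{8}$. From Proposition 7.7-16:

$\left(\frac{4851}{5525}\right) = \left(\frac{71}{31}\right)$

since $31 \equiv 3 \pmod{4}$. We then have:
$71 \equiv 9 \pmod{31}$

and so from Proposition 7.2-5:

$\left(\frac{4851}{5525}\right) = \left(\frac{9}{31}\right) = \left(\frac{3^2}{31}\right) = 1$

and so $x^2 \equiv 4851 \pmod{5525}$ is solvable.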
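
The reduction carried out by hand in Examples 7.7-3 to 7.7-5 can be written as a loop that uses only Propositions 7.7-3, 7.7-13 and 7.7-16, so the modulus is never factored. The following is an added example, not code from the book; the function names are chosen here. It also reproduces Example 7.7-1, where the symbol is +1 although no square root exists, which is why a symbol value of +1 for a composite modulus is only a necessary condition.

```python
def jacobi(a: int, m: int) -> int:
    """Jacobi symbol (a/m) for a positive odd integer m, without factoring m."""
    if m <= 0 or m % 2 == 0:
        raise ValueError("m must be a positive odd integer")
    a %= m                          # (a/m) depends only on a mod m (Prop. 7.7-3)
    result = 1
    while a != 0:
        # Remove factors of 2 from the numerator: (2/m) = -1 exactly when
        # m = 3 or 5 (mod 8)  (Prop. 7.7-13).
        while a % 2 == 0:
            a //= 2
            if m % 8 in (3, 5):
                result = -result
        # Reciprocity (Prop. 7.7-16): swap numerator and denominator and
        # change sign only when both are congruent to 3 modulo 4.
        a, m = m, a
        if a % 4 == 3 and m % 4 == 3:
            result = -result
        a %= m                      # reduce the new numerator
    # The loop ends with m = gcd of the original arguments.
    return result if m == 1 else 0


def has_square_root(a: int, m: int) -> bool:
    """Exhaustive check that x^2 = a (mod m) is solvable (small m only)."""
    return any((x * x - a) % m == 0 for x in range(m))


def symbol_and_solvability(a: int, m: int):
    """Pair the Jacobi symbol with the exhaustive answer for comparison."""
    return jacobi(a, m), has_square_root(a, m)


if __name__ == "__main__":
    # Symbol values worked out in Examples 7.7-1, 7.7-3, 7.7-4 and 7.7-5.
    for a, m in [(2, 65), (33, 125), (31, 125), (4851, 5525)]:
        print(f"({a}/{m}) = {jacobi(a, m)}")
    # Example 7.7-1: symbol +1, yet x^2 = 2 (mod 65) has no solution.
    print(symbol_and_solvability(2, 65))
```

For an odd prime modulus the Jacobi and Legendre symbols coincide, so there the sign does decide solvability.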


7.8 HIGHER ORDER CONGRUENCES
The polynomial:

$P(x) = \sum_{k=0}^{n} c_k x^k$ (7.8-1)

is called an integral polynomial if all the coefficients $c_k$ are integers. The congruence:

$P(x) \equiv 0 \pmod{m}$ (7.8-2)

is known as a polynomial congruence. If the greatest common divisor of the coefficients $c_k$ is 1, then P(x) is called primitive. The degree of P(x) modulo m is the degree of the term of P(x) having the highest degree whose coefficient is not divisible by m. This term is called the leading term.

If two integral polynomials P(x) and Q(x) are such that the coefficients of equal powers of x are congruent modulo m, then we will have:

$P(x) \equiv Q(x) \pmod{p}$ (7.8-3)

independent of the value of x. The polynomials P(x) and Q(x) are therefore said to be identically congruent to each other modulo m, and the congruence in equation (7.8-3) is considered an identical congruence.


If, however, two polynomials P(x) and Q(x) are such that $P(x) \equiv Q(x) \pmod{p}$ independent of the value of x, it does not necessarily follow that the coefficients of equal powers of x are congruent modulo m so that this congruence will be an identical congruence. For example, Fermat’s theorem (Proposition 4.3-1) states that:

$a^p \equiv a \pmod{p}$ (7.8-4)

where a is any integer and p is a prime number. Therefore this congruence is valid independent of the value of a. In this congruence we have $P(x) = a^p$ and $Q(x) = a$. It is clear then that coefficients of equal powers of a for P(x) and Q(x) are not congruent modulo p.

If we have:

$P(x) \equiv Q(x) \pmod{p}$ (7.8-5)

where P(x) and Q(x) are not identically congruent, but are congruent conditional on the value of x, then equation (7.8-5) is called a conditional congruence.

If x = a is an integer value of x that makes a conditional congruence $P(x) \equiv 0 \pmod{m}$ a valid congruence, then a is known as a root or solution of the polynomial congruence:

$P(a) \equiv 0 \pmod{m}$ (7.8-6)

If we have:

$a \equiv b \pmod{m}$ (7.8-7)

then by Proposition 4.1-23:

$P(a) \equiv P(b) \pmod{m}$ (7.8-8)

and since $P(a) \equiv 0 \pmod{m}$, we will have:

$P(b) \equiv 0 \pmod{m}$ (7.8-9)

Because a and b are congruent modulo m, they are not considered to be different solutions of $P(x) \equiv 0 \pmod{m}$.

As is the case for quadratic congruences, any solution of $P(x) \equiv 0 \pmod{m}$ must be congruent to one and only one element of the complete residue system {0, 1, 2, ..., m-1}. This means that a polynomial congruence $P(x) \equiv 0 \pmod{m}$ can have no more than m incongruent solutions.


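Example 7.8-2
Is $6 \cdot x^3 + 5 \cdot x^2 + 8 \cdot x + 1 \equiv 3 \cdot x^3 + 2 \cdot x^2 + 5 \cdot x + 4 \pmod{3}$ an identical congruence?

Solution:

Yes, since the coefficients of x are:

$c_3 \Rightarrow 6 - 3 = 3 \equiv 0 \pmod{3}$
$c_2 \Rightarrow 5 - 2 = 3 \equiv 0 \pmod{3}$
$c_1 \Rightarrow 8 - 5 = 3 \equiv 0 \pmod{3}$
$c_0 \Rightarrow 1 - 4 = -3 \equiv 0 \pmod{3}$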


Example 7.8-3

Find all solutions of the integral polynomial P(x):

$P(x) = x^3 + 9 \cdot x - 4 \equiv 0 \pmod{11}$

Solution:
Since the modulus is small, the solvability of

$P(x) = x^3 + 9 \cdot x - 4 \equiv 0 \pmod{11}$

can be checked by testing the numbers relatively prime to 11:

1, 2, 3, 4, 5, 6, 7, 8, 9, 10.

P(1) = 6      P(2) = 22     P(3) = 50
P(4) = 96     P(5) = 166    P(6) = 266
P(7) = 402    P(8) = 580    P(9) = 806
P(10) = 1086

Only P(2) = 22 is divisible by the modulus 11 and so we find $x \equiv 2 \pmod{11}$ is the only solution of the integral polynomial congruence $P(x) = x^3 + 9 \cdot x - 4 \equiv 0 \pmod{11}$.


If we have $P(x) \equiv Q(x) \cdot G(x) \pmod{p}$ where p is a prime number, and where P(x), Q(x), and G(x) are integral polynomials, then P(x) is said to be divisible by G(x) modulo p. The polynomials Q(x) and G(x) are then factors of P(x) modulo p. The degree of P(x) is the sum of the degrees of its factors Q(x) and G(x).


If P(x) and G(x) are two integral polynomials of degree n and k respectively where $n \geq k$, and if the leading coefficient of G(x) is equal to 1, then there exist two unique integral polynomials Q(x) and R(x) such that:

$P(x) = Q(x) \cdot G(x) + R(x)$ (7.8-10)

where the degree of R(x) is less than the degree of G(x).

Proof:

We will proceed using mathematical induction. We will assume the proposition is true for integral polynomials having any degree < n. Let the leading term of P(x) be $a \cdot x^n$.

We will now consider the integral polynomial:

$P_1(x) = P(x) - a \cdot x^{n-k} \cdot G(x), \quad n \geq k$ (7.8-11)

Since the leading term of P(x) is cancelled in $P_1(x)$, the degree of $P_1(x)$ is < n. From our induction assumption, there then exist integral polynomials $Q_1(x)$ and R(x) such that:

$P_1(x) = Q_1(x) \cdot G(x) + R(x)$ (7.8-12)

where the degree of R(x) is less than the degree of G(x). Using equation (7.8-11), we can rewrite equation (7.8-12) as:

$P(x) - a \cdot x^{n-k} \cdot G(x) = Q_1(x) \cdot G(x) + R(x)$ (7.8-13)

or

$P(x) = (a \cdot x^{n-k} + Q_1(x)) \cdot G(x) + R(x)$ (7.8-14)

Comparing equations (7.8-10) and (7.8-14), we have:

$Q(x) = a \cdot x^{n-k} + Q_1(x)$ (7.8-15)

and so two integral polynomials, Q(x) and R(x), exist such that:

$P(x) = Q(x) \cdot G(x) + R(x)$ (7.8-16)

where the degree of R(x) is less than the degree of G(x).

To show that Q(x) and R(x) are unique, we assume the opposite:

$P(x) = Q(x) \cdot G(x) + R(x) = Q_1(x) \cdot G(x) + R_1(x)$ (7.8-17)

We then have:

$(Q(x) - Q_1(x)) \cdot G(x) = R_1(x) - R(x)$ (7.8-18)

and so G(x) is a factor of $R_1(x) - R(x)$. But this is impossible since the degrees of R(x) and $R_1(x)$ are each less than that of G(x). Therefore our assumption is wrong, and so Q(x) and R(x) are unique. ■

Note that when an integral polynomial P(x) is divided by an integral polynomial G(x), the quotient Q(x) and the remainder R(x) need not be integral polynomials unless the leading coefficient of G(x) is equal to 1.


Proposition 7.8-2:
If p is a prime number, and if $P(x) = G(x) \cdot H(x)$ where P(x), G(x), and H(x) are all integral polynomials, then every solution of $P(x) \equiv 0 \pmod{p}$ is either a solution of $G(x) \equiv 0 \pmod{p}$ or of $H(x) \equiv 0 \pmod{p}$.

Proof:
We are given:

$P(x) = G(x) \cdot H(x) \equiv 0 \pmod{p}$ (7.8-19)

and so $p \mid G(x) \cdot H(x)$. Since p is a prime number, we then have either $p \mid G(x)$ or $p \mid H(x)$. Therefore every solution of $P(x) \equiv 0 \pmod{p}$ is either a solution of $G(x) \equiv 0 \pmod{p}$ or of $H(x) \equiv 0 \pmod{p}$. ■

If and only if a is a solution of the congruence:

$P(x) \equiv 0 \pmod{m}$

where P(x) is an integral polynomial of degree n, will there exist an integral polynomial Q(x) of degree n-1 such that:

$P(x) \equiv (x - a) \cdot Q(x) \pmod{m}$


Proof:

If a is a solution of $P(x) \equiv 0 \pmod{m}$, then by dividing P(x) by x-a we obtain:

$P(x) = (x - a) \cdot Q(x) + r$ (7.8-20)

where Q(x) is an integral polynomial of degree n-1 (since the divisor is of degree 1), and the remainder r is an integer (since the leading coefficient of x-a is 1). We therefore have:

$P(x) \equiv (x - a) \cdot Q(x) + r \pmod{m}$ (7.8-21)

Since a is a solution of $P(x) \equiv 0 \pmod{m}$, we have:

$x \equiv a \pmod{m}$ (7.8-22)

and so:

$P(a) \equiv 0 \equiv (a - a) \cdot Q(x) + r \pmod{m}$ (7.8-23)

We then have:

$r \equiv 0 \pmod{m}$ (7.8-24)

Therefore:

$P(x) \equiv (x - a) \cdot Q(x) \pmod{m}$ (7.8-25)

Conversely, if we have:

$P(x) \equiv (x - a) \cdot Q(x) \pmod{m}$ (7.8-26)

then if x = a, we have:

$P(a) \equiv (a - a) Q(x) \equiv 0 \pmod{m}$ (7.8-27)

and so a is a solution of the congruence $P(a) \equiv 0 \pmod{m}$. ■


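Dividing P(x) by x-1, we obtain:

                x^2 + 5x + 4
        ----------------------
x - 1 ) x^3 + 4x^2 -  x + 1
        x^3 -  x^2
        ----------
              5x^2 -  x + 1
              5x^2 - 5x
              ---------
                     4x + 1
                     4x - 4
                     ------
                          5

Therefore:

$P(x) = x^3 + 4 \cdot x^2 - x + 1 = (x - 1) \cdot (x^2 + 5 \cdot x + 4) + 5$

and so:

$P(x) \equiv (x - 1)(x^2 + 5 \cdot x + 4) \pmod{5}$

which has the form of equation (7.8-25).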


7.8.1 INTEGRAL POLYNOMIAL WITH PRIME MODULUS

If p is a prime number and P(x) is an integral polynomial of degree $n \geq p$, then the congruence $P(x) \equiv 0 \pmod{p}$ is equivalent to $R(x) \equiv 0 \pmod{p}$ where the integral polynomial R(x) has a degree < p.

Proof:
Dividing P(x) by $x^p - x$, we obtain from the division algorithm:

$P(x) = (x^p - x) \cdot Q(x) + R(x)$ (7.8-28)

where R(x) has degree < p. From Fermat’s theorem (Proposition 4.3-1), we have:

$x^p - x \equiv 0 \pmod{p}$ (7.8-29)

Therefore:

$P(x) \equiv R(x) \pmod{p}$ (7.8-30)

and so if $P(x) \equiv 0 \pmod{p}$, then

$R(x) \equiv 0 \pmod{p}$ (7.8-31)

We see that the degree of an integral polynomial P(x) in a congruence $P(x) \equiv 0 \pmod{p}$ can be reduced by dividing P(x) by $x^p - x$.


Example 7.8-5
Using Proposition 7.8-4 reduce the degree of the integral polynomial in the congruence:

$x^9 + 2 \cdot x^6 - x^5 + 3 \cdot x^2 + 2 \cdot x + 1 \equiv 0 \pmod{5}$

Solution:

Dividing by $x^5 - x$ we obtain:

$(x^5 - x)(x^4 + 2 \cdot x) + 5 \cdot x^2 + 2 \cdot x + 1 \equiv 0 \pmod{5}$

From Fermat’s theorem (Proposition 4.3-1) we have:

$x^5 - x \equiv 0 \pmod{5}$

and so:

$x^9 + 2 \cdot x^6 - x^5 + 3 \cdot x^2 + 2 \cdot x + 1 \equiv 0 \pmod{5}$

is equivalent to:

$5 \cdot x^2 + 2 \cdot x + 1 \equiv 2 \cdot x + 1 \equiv 0 \pmod{5}$


Example 7.8-6

Check the results of Example 7.8-5 using Proposition 4.3-11.

Solution:
We have for the exponents of:

$x^9 + 2 \cdot x^6 - x^5 + 3 \cdot x^2 + 2 \cdot x + 1 \equiv 0 \pmod{5}$

the following congruences where p-1 = 5-1 = 4:

$9 \equiv 1 \pmod{4}$
$6 \equiv 2 \pmod{4}$
$5 \equiv 1 \pmod{4}$

and so we can write:

$x + 2 \cdot x^2 - x + 3 \cdot x^2 + 2 \cdot x + 1 \equiv 0 \pmod{5}$

or

$5 \cdot x^2 + 2 \cdot x + 1 \equiv 2 \cdot x + 1 \equiv 0 \pmod{5}$

which is the same result found in Example 7.8-5.


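Example 7.8-7

Find all solutions of

$x^9 - 2 \cdot x^8 - 3 \cdot x^7 - x^3 + 9 \cdot x^2 + 4 \cdot x - 1 \equiv 0 \pmod{7}$

Solution:

Using Proposition 4.3-11 to reduce the degree of the polynomial where p-1 = 7-1 = 6:

$9 \equiv 3 \pmod{6}$
$8 \equiv 2 \pmod{6}$
$7 \equiv 1 \pmod{6}$

and so:

$x^9 - 2 \cdot x^8 - 3 \cdot x^7 - x^3 + 9 \cdot x^2 + 4 \cdot x - 1 \equiv 0 \pmod{7}$

becomes:

$x^3 - 2 \cdot x^2 - 3 \cdot x - x^3 + 9 \cdot x^2 + 4 \cdot x - 1 \equiv 0 \pmod{7}$

or

$7 \cdot x^2 + x - 1 \equiv 0 \pmod{7}$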


and so we have: 


If P(x) is an integral polynomial of degree n modulo p, and $a_1, a_2, a_3, \ldots, a_k$ are k pairwise incongruent solutions of $P(x) \equiv 0 \pmod{p}$ where p is a prime number, then

$P(x) \equiv (x - a_1) \cdot (x - a_2) \cdots (x - a_k) \cdot Q_k(x) \pmod{p}$

where $Q_k(x)$ is an integral polynomial of degree n-k.

Proof:

From Proposition 7.8-3 we have:

$P(x) \equiv (x - a_1) \cdot Q_1(x) \pmod{p}$ (7.8-32)

Since $a_2$ is also a solution of $P(x) \equiv 0 \pmod{p}$, we have:

$P(a_2) \equiv 0 \equiv (a_2 - a_1) \cdot Q_1(a_2) \pmod{p}$ (7.8-33)

and so $p \mid (a_2 - a_1) \cdot Q_1(a_2)$. But $a_2 - a_1 \not\equiv 0 \pmod{p}$, and so we must have $Q_1(a_2) \equiv 0 \pmod{p}$. From Proposition 7.8-3, we then have:

$Q_1(x) \equiv (x - a_2) \cdot Q_2(x) \pmod{p}$ (7.8-34)

and so:

(7.8-35)

Proceeding in this way, we have finally:

$P(x) \equiv (x - a_1) \cdot (x - a_2) \cdots (x - a_k) \cdot Q_k(x) \pmod{p}$ (7.8-36)

where $Q_k(x)$ is an integral polynomial of degree n-k. ■


If p is a prime number and gcd(x, p)=1, then $x^{p-1} - 1 \equiv 0 \pmod{p}$ has exactly p-1 solutions:

$x^{p-1} - 1 \equiv (x - 1) \cdot (x - 2) \cdots (x - (p - 1)) \pmod{p}$

Proof:
From Fermat's theorem (Proposition 4.3-1) we have:

$x^p \equiv x \pmod{p}$ (7.8-37)

where the least residues of x are x = 1, 2, 3, ..., p-1. Since gcd(x, p)=1, we have from Proposition 7.8-5:

$x^{p-1} - 1 \equiv (x - 1) \cdot (x - 2) \cdots (x - (p - 1)) \cdot Q_{p-1}(x) \pmod{p}$ (7.8-38)

Since $x^{p-1} - 1$ has degree p-1, then $Q_{p-1}(x)$ will have degree (p-1)-(p-1) = 0. Therefore $Q_{p-1}(x) \equiv 1 \pmod{p}$, and so:

$x^{p-1} - 1 \equiv (x - 1) \cdot (x - 2) \cdots (x - (p - 1)) \pmod{p}$ (7.8-39)

We see that $x^{p-1} - 1 \equiv 0 \pmod{p}$ has exactly p-1 incongruent solutions (see Proposition 6.2-7). ■


If p is an odd prime number, and if Q(x) and G(x) are integral polynomials of degree n and k, respectively, such that

$x^{p-1} - 1 \equiv Q(x) \cdot G(x) \pmod{p}$

then

$Q(x) \equiv 0 \pmod{p}$

$G(x) \equiv 0 \pmod{p}$

have n and k incongruent solutions modulo p.

Proof:
We are given:

$x^{p-1} - 1 \equiv Q(x) \cdot G(x) \pmod{p}$ (7.8-40)

From Proposition 7.8-6, we know that:

$x^{p-1} - 1 \equiv 0 \pmod{p}$ (7.8-41)

has exactly p-1 incongruent solutions. Therefore

$Q(x) \cdot G(x) \equiv 0 \pmod{p}$ (7.8-42)

has exactly p-1 incongruent solutions.
We also know from Lagrange’s theorem (Proposition 6.2-5) that:

$Q(x) \equiv 0 \pmod{p}$ (7.8-43)

and

$G(x) \equiv 0 \pmod{p}$ (7.8-44)

cannot have more than n and k incongruent solutions, respectively (although they can have less than n and k incongruent solutions, respectively). Since from equation (7.8-40) we must have:

$p - 1 = n + k$ (7.8-45)

this means that the congruences given in equations (7.8-43) and (7.8-44) must have the maximum number of solutions: n and k, respectively. Furthermore these solutions must all be incongruent modulo p. ■


If p is a prime number and P(x) is an integral polynomial of degree n < p, then:

$x^p - x = Q(x) \cdot P(x) + R(x)$

where R(x) is an integral polynomial of degree < n, and where P(x) has exactly n roots modulo p if and only if $p \mid R(x)$.

Proof:
From the division algorithm, we can write:

$x^p - x = Q(x) \cdot P(x) + R(x)$ (7.8-46)

where R(x) has degree < n and Q(x) has some degree m. We then have:

$m + n = p$ (7.8-47)

and the leading coefficient of Q(x) is 1.
If $p \mid R(x)$, then we have:

$x^p - x \equiv Q(x) \cdot P(x) \pmod{p}$ (7.8-48)

Since p is a prime number, each of the p roots must be a root of either P(x) or Q(x) (or both). We know that Q(x) has degree m = p-n since P(x) has degree n. From Lagrange’s theorem (Proposition 6.2-5) Q(x) has at most p-n roots. Therefore P(x) has at least n roots and so has exactly n roots modulo p since P(x) is of degree n.

Conversely, from equation (7.8-46) we have:

$R(x) = x^p - x - Q(x) \cdot P(x)$ (7.8-49)

and from Fermat’s theorem (Proposition 4.3-1) we have:

$x^p - x \equiv 0 \pmod{p}$ (7.8-50)

Therefore every root of P(x) modulo p must be a root of R(x) modulo p. If P(x) has n roots, then R(x) has at least n roots. This is only possible, however, if $p \mid R(x)$ since the degree of R(x) is less than n. ■


7.8.2 INTEGRAL POLYNOMIAL WITH PRIME POWER MODULUS

To find a solution of a single polynomial congruence having the form $P(x) \equiv 0 \pmod{p^j}$, a solution of the congruence $P(x) \equiv 0 \pmod{p^k}$ where k < j can be found first. Beginning with k = 1, solutions of $P(x) \equiv 0 \pmod{p^k}$ are found for successively higher powers of p using methods given in the following propositions until a root of P(x) for the modulus $p^j$ is obtained.

If the solution of an integral polynomial congruence $P(x) \equiv 0 \pmod{p^k}$ is $x_k$, then the residue class of $x_k$ will consist of all integers $x_k + j \cdot p^k$. Included in this residue class will be the integers $x_k + j \cdot p^k$ for certain values of j. Therefore all solutions of $P(x) \equiv 0 \pmod{p^{k+1}}$ are included in this residue class. If the certain values of j can be determined, then solutions of $P(x) \equiv 0 \pmod{p^{k+1}}$ can be obtained from solutions of $P(x) \equiv 0 \pmod{p^k}$. When this is possible, this process is known as lifting the solution of $P(x) \equiv 0 \pmod{p^{k+1}}$ from the solution of $P(x) \equiv 0 \pmod{p^k}$.


If p is a prime number and P(x) is an integral polynomial, then for $k \in \mathbb{N}$ and $x, j \in \mathbb{Z}$:

$P(x + j \cdot p^k) \equiv P(x) + P'(x) \cdot j \cdot p^k \pmod{p^{k+1}}$

Proof:
We will proceed using mathematical induction on the degree of P(x). For degree 0 the proposition is clearly true. We will assume that the proposition is true for degree n.

For degree n+1, we have:

$P(x) = c + x \cdot G(x)$ (7.8-51)

where G(x) has degree n and c is a constant. We then have:

$P'(x) = x \cdot G'(x) + G(x)$ (7.8-52)

where ( ′ ) indicates the derivative with respect to x. From equation (7.8-51) we can write:

$P(x + j \cdot p^k) = c + (x + j \cdot p^k) \cdot G(x + j \cdot p^k)$ (7.8-53)

Since G(x) has degree n, from our induction assumption we have:

$G(x + j \cdot p^k) \equiv G(x) + G'(x) \cdot j \cdot p^k \pmod{p^{k+1}}$ (7.8-54)

From equations (7.8-53) and (7.8-54):

$P(x + j \cdot p^k) \equiv c + (x + j \cdot p^k) \cdot G(x) + (x + j \cdot p^k) \cdot G'(x) \cdot j \cdot p^k \pmod{p^{k+1}}$ (7.8-55)

or using equations (7.8-51) and (7.8-52):

$P(x + j \cdot p^k) \equiv P(x) + P'(x) \cdot j \cdot p^k + G'(x) \cdot j^2 \cdot p^{2k} \pmod{p^{k+1}}$ (7.8-56)

We then have:

$G'(x) \cdot j^2 \cdot p^{2k} \equiv 0 \pmod{p^{k+1}}$ (7.8-57)

since $2 \cdot k \geq k + 1$. Therefore:

$P(x + j \cdot p^k) \equiv P(x) + P'(x) \cdot j \cdot p^k \pmod{p^{k+1}}$ (7.8-58)


If p is a prime number and if a is a solution of the integral polynomial $P(x) \equiv 0 \pmod{p^k}$ where $k \in \mathbb{N}$, then:

Case 1: If $p \nmid P'(a)$, there is precisely one solution b of $P(x) \equiv 0 \pmod{p^{k+1}}$ such that $b \equiv a \pmod{p^k}$. This solution is $b = a + j \cdot p^k$, where j is the unique solution of:

$P'(a) \cdot j \equiv -\frac{P(a)}{p^k} \pmod{p}$

Case 2: If $p \mid P'(a)$ and $p^{k+1} \mid P(a)$, there are p solutions of $P(x) \equiv 0 \pmod{p^{k+1}}$ that are congruent to a modulo $p^k$. These solutions are $a + j \cdot p^k$, where j = 0, 1, 2, ..., p-1.

Case 3: If $p \mid P'(a)$ and $p^{k+1} \nmid P(a)$, there are no solutions of $P(x) \equiv 0 \pmod{p^{k+1}}$ that are congruent to a modulo $p^k$.

Proof:

Case 1: To find an integer j such that $a + j \cdot p^k$ is a solution of $P(x) \equiv 0 \pmod{p^{k+1}}$, we must find a j that is a solution of:

$P(x + j \cdot p^k) \equiv P(x) + P'(x) \cdot j \cdot p^k \equiv 0 \pmod{p^{k+1}}$ (7.8-59)

as given in Proposition 7.8-9. Dividing equation (7.8-59) by $p^k$ when x = a, we have:

$P'(a) \cdot j \equiv -\frac{P(a)}{p^k} \pmod{p}$ (7.8-60)

From Proposition 5.1-2 we see that the congruence in equation (7.8-60) has a unique solution $j = j_1$ if we have gcd(P′(a), p)=1. This requires that $p \nmid P'(a)$. We then have $b = a + j_1 \cdot p^k$ is a solution of $P(x) \equiv 0 \pmod{p^{k+1}}$.

Case 2: If $p \mid P'(a)$, then we must have:

$\frac{P(a)}{p^k} \equiv 0 \pmod{p}$ (7.8-61)

for there to be any solutions of equation (7.8-59) for j; there will then be p solutions for j in a complete residue system, and we have p solutions of $P(x) \equiv 0 \pmod{p^{k+1}}$: $b_j = a + j \cdot p^k$, where j = 0, 1, 2, ..., p-1.


Case 3: If p|P’(a) and p‘'/P(a), then there can be no 
solution of P(x)= 0(mod p*) (see Proposition 5.1-1), and so no 
solution of P(x) =0(mod p‘'). = 


The lifting theorem shows that $P(x) \equiv 0 \pmod{p^{k+1}}$ can be solved by solving $P(x) \equiv 0 \pmod{p^k}$, and then raising the solutions modulo $p^k$ to solutions modulo $p^{k+1}$.


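or

$9 \cdot j_1 \equiv -\frac{5}{5} \equiv -1 \pmod{5}$

Therefore $j_1 = 1$ and we have:

$x_2 = 1 + 1 \cdot 5 = 6$

To find the solution $x_3$ of $P(x) \equiv 0 \pmod{5^3}$ we first have: P′(6) = 154 and P(6) = 350. We see that $5 \nmid P'(6)$. There is then only one solution $x_3$ given by:

$x_3 = x_2 + j_2 \cdot 5^2 = 6 + j_2 \cdot 25$

To find $j_2$, we write:

$P'(6) \cdot j_2 \equiv -\frac{P(6)}{5^2} \pmod{5}$

or

$154 \cdot j_2 \equiv -\frac{350}{25} = -14 \pmod{5}$

Therefore $j_2 = 4$ and we have:

$x_3 = 6 + 4 \cdot 25 = 106$

and so the solution of:

$P(x_3) = x^3 + 4 \cdot x^2 - 2 \cdot x + 2 \equiv 0 \pmod{5^3}$

is $x_3 = 106$.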


If p is a prime number and a is a solution of the integral polynomial $P(x) \equiv 0 \pmod{p}$, and if $p \nmid P'(a)$, then there exists exactly one solution b of $P(x) \equiv 0 \pmod{p^k}$ such that $b \equiv a \pmod{p}$.

Proof:

By Proposition 7.8-10 there exists a unique solution $b_2$ of $P(x) \equiv 0 \pmod{p^2}$. Therefore $P(b_2) \equiv P(a) \pmod{p}$.

By Proposition 7.8-10 there exists a unique solution $b_3$ of $P(x) \equiv 0 \pmod{p^3}$ such that:

$b_3 \equiv b_2 \equiv a \pmod{p}$ (7.8-62)

Continuing in this manner, we arrive finally at a unique solution $b = b_k$:

$b = b_k \equiv a \pmod{p}$ (7.8-63)

where

$P(b) \equiv 0 \pmod{p^k}$ (7.8-64)


From the above propositions, a method for finding the roots of the integral polynomial $P(x) \equiv 0 \pmod{p^k}$ can be formulated as follows:

Find all solutions of $P(x) \equiv 0 \pmod{p}$.

Select one solution $a_1$ and determine if 0, 1, or p solutions of $P(x) \equiv 0 \pmod{p^2}$ exist by solving:

$P'(a_1) \cdot j \equiv -\frac{P(a_1)}{p} \pmod{p}$ (7.8-65)

for j. If no such solutions exist, try another solution of $P(x) \equiv 0 \pmod{p}$.

Select one solution $a_2$ of $P(x) \equiv 0 \pmod{p^2}$ and determine if there exist any corresponding solutions of $P(x) \equiv 0 \pmod{p^3}$ by solving:

$P'(a_2) \cdot j \equiv -\frac{P(a_2)}{p^2} \pmod{p}$ (7.8-66)

using $P'(a_2) \equiv P'(a_1) \pmod{p}$ to calculate $P'(a_2)$. Repeat this step for all roots of $P(x) \equiv 0 \pmod{p^2}$.

Continue this process until all solutions of $P(x) \equiv 0 \pmod{p^k}$ are determined.
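
The lifting method above, with the three cases of Proposition 7.8-10, as a short program. This is an added example, not code from the book; the function names and the coefficient-list representation (highest degree first) are assumptions made here. It reproduces the worked lift of $x^3 + 4 \cdot x^2 - 2 \cdot x + 2$ to the modulus $5^3$, and adds a constructed polynomial, $x^2 + x + 7$ with p = 3, whose root has $p \mid P'(a)$ so that Cases 2 and 3 both occur.

```python
def poly_eval(coeffs, x, mod):
    """Evaluate a polynomial (coefficients, highest degree first) at x mod `mod`."""
    acc = 0
    for c in coeffs:
        acc = (acc * x + c) % mod
    return acc


def derivative(coeffs):
    """Coefficient list of the formal derivative P'(x)."""
    n = len(coeffs) - 1
    return [c * (n - i) for i, c in enumerate(coeffs[:-1])]


def lift_roots(coeffs, p, k):
    """All roots of P(x) = 0 (mod p^k), lifted one power of p at a time."""
    dcoeffs = derivative(coeffs)
    # Step 1: roots modulo p, found by testing a complete residue system.
    roots = [x for x in range(p) if poly_eval(coeffs, x, p) == 0]
    pk = p                                    # current modulus p^k
    for _ in range(1, k):
        lifted = []
        for a in roots:
            d = poly_eval(dcoeffs, a, p)      # P'(a) mod p
            # a is a root mod p^k, so P(a) mod p^(k+1) is a multiple of p^k;
            # the quotient is P(a)/p^k reduced mod p.
            t = poly_eval(coeffs, a, pk * p) // pk
            if d != 0:
                # Case 1: unique j with P'(a)*j = -P(a)/p^k (mod p).
                j = (-t * pow(d, -1, p)) % p
                lifted.append(a + j * pk)
            elif t == 0:
                # Case 2: p | P'(a) and p^(k+1) | P(a): every j works.
                lifted.extend(a + j * pk for j in range(p))
            # Case 3: p | P'(a) but p^(k+1) does not divide P(a): no lift.
        roots = lifted
        pk *= p
    return sorted(roots)


if __name__ == "__main__":
    # Worked example of the text: 1 -> 6 -> 106.
    print(lift_roots([1, 4, -2, 2], 5, 3))    # [106]
    # Constructed example with p | P'(a): Cases 2 and 3.
    print(lift_roots([1, 1, 7], 3, 2))        # [1, 4, 7]
    print(lift_roots([1, 1, 7], 3, 3))        # [4, 13, 22]
```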


7.8.3 INTEGRAL POLYNOMIAL WITH COMPOSITE MODULUS

If P(x) is an integral polynomial where $P(x) \equiv 0 \pmod{M}$, and if $M = m_1 \cdot m_2 \cdot m_3 \cdots m_n$ where the $m_k$ are pairwise relatively prime, then P(x) has a solution if and only if each of the equations $P(x) \equiv 0 \pmod{m_k}$ where k=1 to n has a solution.

Proof:
The polynomial congruence:

$P(x) \equiv 0 \pmod{M}$ (7.8-67)

is equivalent to $M \mid P(x)$, and so if a is a solution of $P(x) \equiv 0 \pmod{M}$, we must have:

$m_1 \cdot m_2 \cdot m_3 \cdots m_n \mid P(a)$ (7.8-68)

and so for each $m_k$ we must have:

$m_k \mid P(a)$ (7.8-69)

Therefore if a is a solution of $P(x) \equiv 0 \pmod{M}$, then a must also be a solution of each of the simultaneous equations:

$P(x) \equiv 0 \pmod{m_1}$
$P(x) \equiv 0 \pmod{m_2}$
$\vdots$
$P(x) \equiv 0 \pmod{m_n}$ (7.8-70)

Conversely, if $a_k$ are solutions of the simultaneous equations (7.8-70), then from the Chinese remainder theorem (Proposition 5.2-3) we know that an integer a exists such that:

$P(a) \equiv P(a_k) \equiv 0 \pmod{m_k}, \quad k = 1 \text{ to } n$ (7.8-71)

and since the $m_k$ are pairwise relatively prime:

$P(a) \equiv 0 \pmod{M}$ (7.8-72)

The number of solutions of $P(x) \equiv 0 \pmod{M}$ will equal the product of the number of solutions of the congruences in equation (7.8-70).


If a is a solution of the integral polynomial congruence P(x) ≡ 0 (mod M), where M has the prime factorization M = p_1^α_1·p_2^α_2·p_3^α_3·⋯·p_n^α_n, then a must also be a solution of each of the equations P(x) ≡ 0 (mod p_k^α_k) where k = 1 to n.

Proof:

Follows from Proposition 7.8-12 with m_k = p_k^α_k, since the p_k^α_k are all pairwise relatively prime. ■


Example 7.8-9

Find all solutions of:

P(x) = x^3 + 6·x − 5 ≡ 0 (mod 105)

Solution:

The prime factorization of 105 is:

105 = 3·5·7

Therefore we have:

x^3 + 6·x − 5 ≡ 0 (mod 3)
x^3 + 6·x − 5 ≡ 0 (mod 5)
x^3 + 6·x − 5 ≡ 0 (mod 7)

Testing x = 0, 1, 2 we find that the congruence x^3 + 6·x − 5 ≡ 0 (mod 3) has one solution: r_1 = 2 mod 3.

Testing x = 0, 1, 2, 3, 4 we find that the congruence x^3 + 6·x − 5 ≡ 0 (mod 5) has three solutions: r_2 = 0, 2, 3 mod 5.

Testing x = 0, 1, 2, 3, 4, 5, 6 we find that the congruence x^3 + 6·x − 5 ≡ 0 (mod 7) has no solution.

Therefore no solution can exist for x^3 + 6·x − 5 ≡ 0 (mod 105).


Example 7.8-10

Find all solutions of:

P(x) = x^3 − 5·x^2 + 48 ≡ 0 (mod 30)

Solution:

The prime factorization of 30 is:

30 = 2·3·5

Therefore we have:

x^3 − 5·x^2 + 48 ≡ 0 (mod 2)
x^3 − 5·x^2 + 48 ≡ 0 (mod 3)
x^3 − 5·x^2 + 48 ≡ 0 (mod 5)

Testing x = 0, 1 we find that the congruence x^3 − 5·x^2 + 48 ≡ 0 (mod 2) has two solutions: r_1 = 0, 1 mod 2.

Testing x = 0, 1, 2 we find that the congruence x^3 − 5·x^2 + 48 ≡ 0 (mod 3) has two solutions: r_2 = 0, 2 mod 3.

Testing x = 0, 1, 2, 3, 4 we find that the congruence x^3 − 5·x^2 + 48 ≡ 0 (mod 5) has one solution: r_3 = 3 mod 5.

Using the Chinese remainder theorem (Proposition 5.2-3) with:

M = 2·3·5 = 30
M_1 = M/2 = 15
M_2 = M/3 = 10
M_3 = M/5 = 6
15·y_1 ≡ 1 (mod 2) ⇒ y_1 = 1 mod 2
10·y_2 ≡ 1 (mod 3) ⇒ y_2 = 1 mod 3
6·y_3 ≡ 1 (mod 5) ⇒ y_3 = 1 mod 5

we have:

x ≡ r_1·M_1·y_1 + r_2·M_2·y_2 + r_3·M_3·y_3 (mod M)

and so:

x ≡ r_1·15·1 + r_2·10·1 + r_3·6·1 (mod 30)

or

x ≡ 15·r_1 + 10·r_2 + 6·r_3 (mod 30)

Using the following combinations of r_1, r_2, and r_3 from the possible solutions:

r_1  r_2  r_3
0    0    3
0    2    3
1    0    3
1    2    3

we find the 4 solutions of x^3 − 5·x^2 + 48 ≡ 0 (mod 30):

x_1 = 15·0 + 10·0 + 6·3 = 18 (mod 30)
x_2 = 15·0 + 10·2 + 6·3 = 38 ≡ 8 (mod 30)
x_3 = 15·1 + 10·0 + 6·3 = 33 ≡ 3 (mod 30)
x_4 = 15·1 + 10·2 + 6·3 = 53 ≡ 23 (mod 30)
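
The procedure of this section, combined with the prime-power lifting method described before it, as an added Python example that is not from the book. It assumes the exponents lost in Examples 7.8-9 and 7.8-10 read x^3 + 6·x − 5 and x^3 − 5·x^2 + 48, which reproduce the residues stated there; the function names are this example's own, and prime-power factors go beyond the two worked examples.

```python
"""Solve P(x) ≡ 0 (mod M): roots mod p, lift to p^k, combine with the CRT."""
from itertools import product


def poly_eval(coeffs, x, m):
    """Evaluate P(x) mod m by Horner's rule (coeffs: highest degree first)."""
    acc = 0
    for c in coeffs:
        acc = (acc * x + c) % m
    return acc


def poly_deriv(coeffs):
    """Coefficients of the formal derivative P'(x), highest degree first."""
    n = len(coeffs) - 1
    return [c * (n - i) for i, c in enumerate(coeffs[:-1])]


def factorize(m):
    """Trial-division factorization of m >= 1, returned as {prime: exponent}."""
    factors, d = {}, 2
    while d * d <= m:
        while m % d == 0:
            factors[d] = factors.get(d, 0) + 1
            m //= d
        d += 1
    if m > 1:
        factors[m] = factors.get(m, 0) + 1
    return factors


def roots_mod_prime_power(coeffs, p, k):
    """All roots of P(x) ≡ 0 (mod p^k), lifted from the roots mod p."""
    dcoeffs = poly_deriv(coeffs)
    roots = [x for x in range(p) if poly_eval(coeffs, x, p) == 0]
    pj = p  # current modulus p^j
    for _ in range(k - 1):
        lifted = []
        for a in roots:
            # P(a) is divisible by p^j; t = P(a)/p^j reduced mod p.
            t = poly_eval(coeffs, a, pj * p) // pj
            d = poly_eval(dcoeffs, a, p)
            if d != 0:
                # p does not divide P'(a): exactly one lift a + j*p^j.
                j = (-t * pow(d, -1, p)) % p
                lifted.append(a + j * pj)
            elif t == 0:
                # p | P'(a) and p^(j+1) | P(a): all p lifts are roots.
                lifted.extend(a + j * pj for j in range(p))
            # otherwise p | P'(a) but p^(j+1) does not divide P(a): no lift.
        roots, pj = lifted, pj * p
    return sorted(roots)


def solve_poly_congruence(coeffs, M):
    """All x in [0, M) with P(x) ≡ 0 (mod M)."""
    factors = factorize(M)
    moduli = [p ** k for p, k in factors.items()]
    root_sets = [roots_mod_prime_power(coeffs, p, k) for p, k in factors.items()]
    if any(not rs for rs in root_sets):
        return []  # one prime-power congruence has no root, so none mod M
    # CRT weights M_k * y_k with M_k = M / m_k and y_k = M_k^(-1) mod m_k.
    weights = [(M // m) * pow(M // m, -1, m) for m in moduli]
    return sorted(
        sum(r * w for r, w in zip(combo, weights)) % M
        for combo in product(*root_sets)
    )


if __name__ == "__main__":
    # Example 7.8-9, read as x^3 + 6x - 5 (exponent assumed).
    print(solve_poly_congruence([1, 0, 6, -5], 105))
    # Example 7.8-10, read as x^3 - 5x^2 + 48 (exponents assumed).
    print(solve_poly_congruence([1, -5, 0, 48], 30))
    # A prime-power modulus, beyond the page's examples: x^2 - 1 mod 8.
    print(solve_poly_congruence([1, 0, -1], 8))
```

The singular branch (p | P′(a)) is the "0, 1, or p solutions" case of the lifting method: a root mod p^j then lifts either to all p candidates or to none.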


If x^k ≡ r (mod m) is solvable, then r is called a kth power residue of m if gcd(r, m) = 1. Since r is relatively prime to m, so must x be.

Example 7.8-11
Show that all the quadratic residues modulo 11 are also 4th power residues modulo 11.

Solution:

1^2 ≡ 10^2 ≡ 1 (mod 11)    1^4 ≡ 10^4 ≡ 1 (mod 11)


k=l 
where c_k ∈ Z, and if the congruence:
P(x) ≡ 0 (mod p)
has more than n incongruent solutions, then every coefficient c_k is divisible by p.
Proof:
We will assume that there exist some coefficients of P(x) that are not divisible by p. If c_k has the largest index of all such coefficients that p ∤ c_k, then we have:

c_0 + c_1·x + ⋯ + c_k·x^k ≡ 0 (mod p) (7.8-73)

where k < n. From Lagrange’s theorem (Proposition 6.2-5) we know that this congruence has at most k incongruent solutions. This is contradictory since we are given that this congruence has more than n incongruent solutions. Therefore our assumption must be wrong and every coefficient of P(x) must be divisible by p. ■
VERIFICATION PROCEDURES


In number theory it is never safe to assume on the basis of 
successful computations involving trial integers that a given 
proposition is true. This is the case no matter how many trial 
integers are tested and no matter what the size of these trial 
integers. 

A good example from number theory of the pitfalls of such trial testing is Fermat's conclusion that all natural numbers having the form 2^(2^n) + 1 are prime. He based his conclusion on successful tests with the trial integers n = 0, 1, 2, 3, 4. Eventually, however, it was discovered by Euler that for n = 5, the number 2^(2^n) + 1 is composite. This is an example of disproving a proposition by finding a counterexample.

In number theory, empirical evidence is not sufficient to establish the truth of a proposition. Rather a deductive procedure must be used that proceeds from known facts (see Wilder, 1944; Renz, 1981; and Tall, 1989). There exist a number of such verification procedures for mathematical propositions that make it possible to ascertain that a given proposition is true. Some of the more important of these for number theory are:

1. Direct proof.
2. Proof by mathematical induction.
3. Proof by contradiction.
4. Proof by infinite descent.


B.1 DIRECT PROOF 


Any verification procedure for a given mathematical proposition that relies on a logical series of algebraic steps is known as a direct proof. An illustration of direct proof is given for the following proposition.

The product of two integers is even if one or both of them is even.

Proof:

Every even integer must have the form n = 2·k where k is an integer. Every odd integer must have the form n = 2·k + 1 where k is an integer. Therefore we have for the product of two even integers:

(2·k_1)·(2·k_2) = 4·k_1·k_2 (B.1-1)

which is even. For the product of one even integer and one odd integer, we have:

(2·k_1 + 1)·(2·k_2) = 4·k_1·k_2 + 2·k_2 = 2·(2·k_1·k_2 + k_2) (B.1-2)

which is even. ■


B.2 PROOF BY MATHEMATICAL INDUCTION

Mathematical induction is a verification procedure that consists of the following three steps:

1. Showing directly that the proposition is true for n = 1.

2. Assuming that the proposition is true for an arbitrary positive integer n = k (the inductive hypothesis).

3. Demonstrating that if the proposition is true for n = k, it is then true for n = k + 1 (the inductive step).

4. The proposition is then true for all integers

From the first and third steps (both steps must be verified!), the proposition is shown to be true for n = 1, and for the next integer, and the next integer, etc., and thus for all values of n (see Young, 1908; Bussey, 1917; Cajori, 1918; Hoar, 1922; Henkin, 1960; Sominsky, 1960; and Friedberg, 1968).

Mathematical induction is often used to verify laws involving the natural numbers. The first explicit statement of the proof by mathematical induction appeared in 1665 in the book Traité du Triangle Arithmétique by Pascal. An illustration of proof by mathematical induction is given for the following proposition (see Example 2.7-1).


The geometrical progression:

S_n = 1 + x + x^2 + ⋯ + x^n (B.2-1)

is equal to:

S_n = (1 − x^(n+1)) / (1 − x) (B.2-2)

Proof:
1. For n = 1 we have from equation (B.2-1): S_1 = 1 + x. From equation (B.2-2) we have:

S_1 = (1 − x^2) / (1 − x) = (1 − x)·(1 + x) / (1 − x) = 1 + x (B.2-3)

and so equation (B.2-2) is verified for n = 1.

2. Assume equation (B.2-2) is true for n = k where k is arbitrary:

S_k = (1 − x^(k+1)) / (1 − x) (B.2-4)

3. For n = k + 1 we have from equation (B.2-4):


l-x wy Lax +x" (1-2) 
ie 


ea i ee (B.2-6) 


(B.2-7) 


B.3 PROOF BY CONTRADICTION

Proof by contradiction is a verification procedure that consists of the following three steps:

1. Assuming that the mathematical proposition we wish to prove is false (or true).

2. Showing that assuming the proposition to be false (or true) leads to a contradiction.

3. Concluding that our original assumption that the proposition is false (or true) was wrong; the proposition must be true (or false).

Proof by contradiction is also known as indirect proof and as reductio ad absurdum. An example of proof by contradiction is given for the following proposition:

No integer exists between 0 and 1.

Proof:

We will assume that at least one positive integer exists between 0 and 1, and that the smallest such positive integer is a. We then have:

0 < a < 1 (B.3-1)

Multiplying this inequality by a, we obtain:

0 < a^2 < a (B.3-2)

We see that a^2 is smaller than a. This is impossible since a was chosen as the smallest positive integer between 0 and 1. Therefore a smallest integer between 0 and 1 cannot exist, and so, contrary to our original assumption, no integer exists between 0 and 1. ■


B.4 PROOF BY INFINITE DESCENT 


Infinite descent is a special kind of proof by contradiction developed by Fermat in 1659 (see Bussey, 1918; Mahoney, 1972; Tat-Wing, 2005; Wirth, 2010; and Dolan, 2011). Infinite descent is a verification procedure that consists of the following four steps.

1. Assuming that the mathematical proposition we wish to prove is false.

2. Selecting some integer property that is inherent to the proposition being false.

3. Showing that the existence of a set of positive integers having this property always implies the existence of smaller positive integers having the same property (resulting in a non-terminating descending sequence of positive integers).

4. Concluding that, since only a finite number of positive integers exist that are smaller than any given positive integer, the integer property must be nonexistent. Therefore, our original assumption that the proposition is false was wrong; the proposition must be true.

An illustration of proof by infinite descent is given for the following proposition.


√2 is irrational.

Proof:

We will assume that √2 is rational and so can be represented by an integer a divided by an integer b:

√2 = a/b (B.4-1)

or

(B.4-2)

We then have:

a^2 = 2·b^2 (B.4-3)

Therefore a must be even and so:

a = 2·k (B.4-4)

where k is some integer. We then have:

4·k^2 = 2·b^2 (B.4-5)

or

b^2 = 2·k^2 (B.4-6)

From equation (B.4-3) we see that 2|a. From equation (B.4-6) we see that 2|b. Therefore equation (B.4-1) can be rewritten as:

√2 = a′/b′ (B.4-7)

where a′ = a/2 and b′ = b/2. Moreover, this same process of reducing both the integers a and b in equation (B.4-1) by a factor of 2 to obtain new smaller integers can continue indefinitely. Since this is clearly impossible, our assumption that √2 is rational must be wrong; √2 is irrational. ■


Every integer a>1 has a prime factor. 


Any composite number a has factors b and c such that a = b·c where:


Raped aed 


SUMMARY OF PROPOSITIONS

Any composite number a has a factor d such that 1 < d ≤ a^(1/2).

Any composite number a has a prime factor p ≤ a^(1/2).

If an integer a is odd, then for some k ∈ Z we will have either

If a and b are odd integers having the form 4·k + 1 where k ∈ Z, then their product a·b also has the form 4·k + 1.

Any composite number can be decomposed into factors that are all prime numbers.

Proposition 1.6-1 (Unique factorization theorem):
Any natural number a > 1 that is not itself a prime number can be factored uniquely as the product of two or more prime numbers.

If a^n − 1 is a prime number where n > 1 and a > 1, then a = 2 and n is a prime number: 2^p − 1.


1 ≤ gcd(a, b) ≤ min(a, b).

The number of prime numbers is infinite.

If a=0, and if b|a, then gcd(a,b)=b.

If c|a and c|b, and x, y ∈ Z, then c | (a·x + b·y).

If a|c and b|c, and if gcd(a, b) = 1, then a·b | c.

If p_1 and p_2 are prime numbers, then if and only if p_1 = p_2 will p_1 | p_2.

If a > 1, then some prime number p exists such that p | a.

If a ∈ Z and m ∈ N, then there exist a unique pair of integers q and r such that:

a = q·m + r    0 ≤ r < m

Proposition 2.1-9:
If a, b ∈ Z have the prime factorizations

a = ∏_{k=1}^{n} p_k^α_k    b = ∏_{k=1}^{n} p_k^β_k

then the gcd(a, b) has the prime factorization

gcd(a, b) = ∏_{k=1}^{n} p_k^min(α_k, β_k)

where min(α_k, β_k) is the minimum value of α_k and β_k for the given p_k.


If a and b are integers and not both zero, then gcd(a, b) exists and is unique.

If gcd(a, b) = d, then gcd(a/d, b/d) = 1.

If a, b ∈ Z and a and b are not both zero, and if d = gcd(a, b), then d is the smallest positive integer that can be expressed as a linear combination of a and b:

d = a·x + b·y = gcd(a, b)

where x, y ∈ Z.

If a, b ∈ Z and a and b are not both zero, and if d = gcd(a, b), then there exist integers x, y ∈ Z such that:

d = a·x + b·y = gcd(a, b)

If c|a and c|b, then c | gcd(a, b).

gcd(a, b) = gcd(a, q·a + b).

Given the division algorithm:

a = q·m + r    0 ≤ r < m

then

gcd(a, m) = gcd(m, r)

gcd(a, m) = gcd(m, a − q·m).

If c|a and c|b, then:

gcd(a, b) = 1 if and only if integers x and y exist such that a·x + b·y = 1.

An integer c is an integral linear combination of a and b if and only if c is a multiple of gcd(a, b).


Ifa,b,ceZ, then gcd(c,a)+ged(c,b) = gcd(c,a+b). 


If gcd(a, b) = 1 and if d | a·b, then d = gcd(d, a)·gcd(d, b).

gcd(k·a, k·b) = k·gcd(a, b) where k ∈ N.

If gcd(a, b) = a·x + b·y, then gcd(x, y) = 1.

If gcd(a, b) = 1 and gcd(a, k·b) = d, then d | k.

If a_1, a_2, ⋯, a_n are nonzero integers where n ≥ 3, then

gcd(a_1, a_2, ⋯, a_n) = gcd(gcd(a_1, a_2, ⋯, a_(n−1)), a_n).


If gcd(a, b)=1, then ged(a%,b?)=1. 


If a | b·c and gcd(a, b) = 1, then a | c.

gcd(a, b·c) = 1 if and only if gcd(a, b) = 1 and gcd(a, c) = 1.

and

gcd(a·b, c) = 1 if and only if gcd(a, c) = 1 and gcd(b, c) = 1.

If a | b·c and if d = gcd(a, b), then (a/d) | c.

If p is a prime number, then gcd(p, a) = 1 or gcd(p, a) = p.

If gcd(a, p) = 1 and gcd(b, p) = 1, and if a·p^k = b·p^l where p is a prime number, then k = l.

If a, b ∈ Z have the prime factorizations

a = ∏_{k=1}^{n} p_k^α_k    b = ∏_{k=1}^{n} p_k^β_k

so that gcd(a, b) has the prime factorization

gcd(a, b) = ∏_{k=1}^{n} p_k^min(α_k, β_k)

then gcd(a, b) = 1 if and only if α_k·β_k = 0 for all k.

Two consecutive integers a and a + 1 are always relatively prime.

If gcd(a, b) = 1 and c|a, then gcd(c, b) = 1.

If gcd(a, b) = 1, gcd(b, c) = 1, and gcd(a, c) = 1, then gcd(a, b, c) = 1.

Given any arithmetic progression of n terms:

a, a + b, a + 2·b, a + 3·b, ⋯, a + (n − 1)·b

where gcd(a, n) = 1 and gcd(b, n) = 1, only one term of the arithmetic progression will be divisible by n. Moreover the other terms will all yield different remainders when divided by n.

If p is a prime number and p | a·b, then p|a or p|b.

If p is a prime number and p | a^2, then p | a.

If p is a prime number and p | ∏ a_k, then p must divide at least one of the factors a_k.

If p is a prime number, and gcd(p, a) = 1 and gcd(p, b) = 1 then gcd(p, a·b) = 1.

If p | ∏_k q_k, where p and q_k are all prime numbers, then p = q_k for some k.

If p is a prime number and if p | a^n, then p^n | a^n.

If a = ∏_k p_k^α_k is the prime factorization of a, then b|a if and only if b = ∏_k p_k^β_k where 0 ≤ β_k ≤ α_k for all k.

If p is a prime number and p|a, then p is one of the factors in the prime factorization of a.


There are infinitely many primes of the form 3+k+3 where 
kKeN. 


gcd(a, b_1·b_2·b_3·⋯·b_k) = 1 if gcd(a, b_i) = 1 for i = 1, 2, 3, ⋯, k.

If gcd(a, b) = 1 then gcd(a, b^k) = 1 for all k.

If a·b is a square and if gcd(a, b) = 1, then a and b are both squares.

For j ∈ N, gcd(a^j, b^j) = [gcd(a, b)]^j.

If a, m ∈ N, then gcd(a, m) can be computed by a finite number of applications of the division algorithm, thereby obtaining a set of remainders. The last nonzero remainder is gcd(a, m).

If f(n) = 1 when n ∈ N, then f(n) = 1 is multiplicative.

If f(n) = n when n ∈ N, then f(n) = n is multiplicative.


a 


If f is a multiplicative function and a is a positive integer having the prime factorization:

a = p_1^α_1·p_2^α_2·⋯·p_n^α_n = ∏ p_k^α_k

then

If f and g are multiplicative functions, then so are F = f·g and F = f/g where g ≠ 0 when g is a divisor.

If the prime factorization of an integer N is:

N = p_1^α_1·p_2^α_2·p_3^α_3·⋯·p_n^α_n = ∏ p_k^α_k

then

τ(N) = ∏_{k=1}^{n} (α_k + 1)

σ(N) = ∏_{k=1}^{n} (1 + p_k + p_k^2 + p_k^3 + ⋯ + p_k^α_k) = ∏_{k=1}^{n} (p_k^(α_k+1) − 1)/(p_k − 1)

If f and g are multiplicative functions and d is a nonzero integer, then Σ_{d|n} f(d)·g(n/d) is multiplicative.

The number theoretic functions τ(n) and σ(n) are multiplicative functions.

If a and b are positive integers, then the lcm(a, b) exists and is unique.

If a, b ∈ Z have the prime factorizations

a = ∏_{k=1}^{n} p_k^α_k    b = ∏_{k=1}^{n} p_k^β_k

then the lcm(a, b) has the prime factorization

lcm(a, b) = ∏_{k=1}^{n} p_k^max(α_k, β_k)

where max(α_k, β_k) is the maximum value of α_k and β_k for the given p_k.

If a_1, a_2, ⋯, a_k ∈ N where k ≥ 3, then

lcm(a_1, a_2, ⋯, a_k) = lcm(lcm(a_1, a_2, ⋯, a_(k−1)), a_k).

If a_1, a_2, ⋯, a_n ∈ N are pairwise relatively prime, then

lcm(a_1, a_2, ⋯, a_n) = a_1·a_2·⋯·a_n.


max(a+b)+min(a*b)=a+b where a,beN. 


If a|c and b|c, then lcm(a, b) | c.

If gcd(a, b) = gcd(a, c) and lcm(a, b) = lcm(a, c), where a, b, c ∈ N, then b = c.

If and only if p is a prime number will φ(p) = p − 1.

If and only if p is a prime number and k > 0, then:

φ(p^k) = p^k − p^(k−1) = p^k·(1 − 1/p) = p^(k−1)·(p − 1)

If n ∈ N, then:

If p is a prime number, then:

φ(p^(k+1)) = p·φ(p^k)

If 2^p − 1 is a prime number, then 2^(p−1)·(2^p − 1) is a perfect number.

If N = 2^(p−1)·(2^p − 1) is an even perfect number, then 2^p − 1 must be a prime number.

a ≡ b (mod m) if and only if a − b = q·m for some integer q.

a ≡ b (mod m) if and only if a and b leave the same remainder when divided by m.

1. Reflexivity: a ≡ a (mod m).
2. Symmetry: If a ≡ b (mod m), then b ≡ a (mod m).
3. Transitivity: If a ≡ b (mod m) and b ≡ c (mod m), then a ≡ c (mod m).

If p is a prime number and a·b ≡ 0 (mod p), then we have a ≡ 0 (mod p) or b ≡ 0 (mod p).

If a·c ≡ b·c (mod m) and gcd(c, m) = 1, then a ≡ b (mod m).

If a ≡ b (mod m) and 0 ≤ |a − b| < m, then a = b.

Every integer a is congruent modulo m to one and only one of the least residues: {0, 1, 2, 3, ⋯, m − 1}.

Two integers a and b are in the same residue class if and only if a ≡ b (mod m).

Any m consecutive integers will form a complete residue system modulo m.

If a ≡ b (mod m), then gcd(a, m) = gcd(b, m).

If gcd(a, m) = 1 and {r_1, r_2, r_3, ⋯, r_m} is a complete residue system modulo m, then {a·r_1, a·r_2, a·r_3, ⋯, a·r_m} is also a complete residue system modulo m, and is congruent to {r_1, r_2, r_3, ⋯, r_m} in some order.

φ(n) is a multiplicative function.


If the prime factorization of a natural number n is: 


a A, A, 
= Dee Dae tee 


then 


If n > 2, then φ(n) is an even integer.

If and only if p and q are two different prime numbers, then:
φ(p·q) = φ(p)·φ(q) = (p − 1)·(q − 1).

φ(2·n) = φ(n) if and only if n is an odd integer.

If a, b ∈ N and a|b, then φ(a) | φ(b).

If a ∈ N, then φ(a^2) = a·φ(a).

φ(n) = n/2 if and only if n = 2^k.

If a + b ≡ c (mod m) and b ≡ d (mod m), then we have a + d ≡ c (mod m).

If a ≡ (b + k·m) (mod m), then a ≡ b (mod m).

If a·b ≡ c (mod m) and b ≡ d (mod m), then a·d ≡ c (mod m).

Given the congruences a_1 ≡ b_1 (mod m) and a_2 ≡ b_2 (mod m), then we have (a_1 + a_2) ≡ (b_1 + b_2) (mod m).

Given the congruence a_i ≡ b_i (mod m) where i = 1, 2, 3, ⋯, n, we have Σ_{i=1}^{n} a_i ≡ Σ_{i=1}^{n} b_i (mod m).

Given the congruence a ≡ b (mod m), an integer c can be added to or subtracted from both sides of the congruence:

a ± c ≡ b ± c (mod m)

Given the congruences a_1 ≡ b_1 (mod m) and a_2 ≡ b_2 (mod m), then we have: a_1·a_2 ≡ b_1·b_2 (mod m).

If a ≡ b (mod m) then a·c ≡ b·c (mod m).

If c ∈ N, then a ≡ b (mod m) if and only if a·c ≡ b·c (mod m·c).

If a ≡ b (mod m) and c|m, then a ≡ b (mod c).

If a·c ≡ b·c (mod m) and d = gcd(c, m) then a ≡ b (mod m/d).


If aec=b+d(modm) and gcd(c,m)=1, then a=b(modm). 


If a ≡ b (mod m), d|a, d|b, and d|m, then:

a/d ≡ b/d (mod m/d)

If and only if m_1, m_2, ⋯, m_n ∈ N and a ≡ b (mod m_i) for i = 1, 2, 3, ⋯, n, does a ≡ b (mod lcm(m_1, m_2, ⋯, m_n)).

If and only if m_1, m_2, m_3, ⋯, m_n are pairwise relatively prime and if a ≡ b (mod m_i) for i = 1, 2, 3, ⋯, n does a ≡ b (mod m_1·m_2·m_3·⋯·m_n).

If a ≡ b (mod m·n) where m, n ∈ N, then a ≡ b (mod m) and a ≡ b (mod n).

If a ≡ b (mod m) where m has the prime factorization m = p_1^α_1·p_2^α_2·⋯·p_n^α_n, then a ≡ b (mod p_k^α_k) for k = 1, 2, 3, ⋯, n.

If and only if gcd(a, m) = 1, does there exist a unique integer a′ such that:

a·a′ ≡ 1 (mod m)    0 < a′ < m

The number of least residues modulo m for which there exists a multiplicative inverse is given by Euler’s phi function φ(m).

If gcd(a, m) = 1 and gcd(b, m) = 1, then:

(a·b)′ ≡ a′·b′ (mod m).

If p is a prime and gcd(a, p) = 1, then a ∈ N is its own inverse modulo p if and only if a ≡ 1 (mod p) or a ≡ (p − 1) (mod p).

m is a prime number if and only if (m − 1)! ≡ −1 (mod m).

If a·b ≡ 1 (mod m), then gcd(a, m) = 1 and gcd(b, m) = 1.


If p is an odd prime number and ged(a, p)=1, then 
a’ =b"(mod p) if and only if a=b(mod p). 


If a ≡ b (mod m), then a^n ≡ b^n (mod m) for n ∈ N.

P(x) = Σ_k c_k·x^k

be a polynomial function of x with c_k ∈ Z. If a ≡ b (mod m), then we have P(a) ≡ P(b) (mod m).

If P(x) is a polynomial function of x with integral coefficients, and if P(a) ≡ 0 (mod m), then we must have P(b) ≡ 0 (mod m) if a ≡ b (mod m).

A number n is divisible by 3 if and only if the sum of its digits is divisible by 3.

A number n is divisible by 9 if and only if the sum of its digits is divisible by 9.

A number n is divisible by 11 if and only if the alternating sum of its digits is divisible by 11:

11 | Σ_{i=0}^{k} (−1)^i·c_i


If a is an odd integer, then a** =1(mod8) where keN. 


If a is an odd integer, then a” = 1(mod A) where n= 3. 


If p is a prime number, we have:

(x + y)^p ≡ (x^p + y^p) (mod p)

If p is a prime number, we have:

a^p ≡ a (mod p)

If gcd(a, p) = 1 where p is a prime number, then

a^(p−1) ≡ 1 (mod p)

If m is a composite integer having the prime factorization:

m = ∏ p_i

where the p_i are distinct odd prime numbers such that (p_i − 1) | (m − 1) for each i, then m is a Carmichael number.


If p>3 isaprime number, then p* =1(mod3) 


If p and q are two distinct prime numbers such that 


a’ =1(modq) and a’ =1(mod p), then a?’ =1(mod pq). 


If p and q are two distinct prime numbers such that 


a’ =a(modq) and a‘ =a(mod p), then a’ = a(mod pq). 


If p and q are two distinct prime numbers, then: 


p'+q’ =(pt+q)(mod psq). 


If a^g ≡ 1 (mod m) and a^h ≡ 1 (mod m) where g, h ∈ N, and if d = gcd(g, h), then a^d ≡ 1 (mod m).

If p is a prime number and gcd(a, p) = 1, and if g is the smallest positive integer such that p | (a^g − 1), then g | p − 1.

If p is a prime number and if a ∈ Z such that gcd(a, p) = 1, then a^(p−2) is a multiplicative inverse of a modulo p.

If p is an odd prime number and if n ≡ r (mod p − 1) where n ≥ p and 1 ≤ r ≤ p − 1, then a^n ≡ a^r (mod p).

If p and q are prime numbers where gcd(p, q) = 1, then:

p^(q−1) + q^(p−1) ≡ 1 (mod p·q).


If ged(a,m)=1 and if thot. Ty's, eed is a reduced residue 
system modulo m, then [ath deh. der. der, 
reduced residue system modulo m, and is congruent to 


Ga is also a 


VEG fog ee in some order. 


If gcd(a, p)=1, where p is an odd prime number, then the least 
residue system 1 Feats; For resi modulo p is congruent to 


{aer,,der,,aer,,-,aer,,} modulo p in some order. 


If and only if gcd(a, m) = 1, then a^φ(m) ≡ 1 (mod m).

If gcd(a, m) = 1, then the multiplicative inverse a′ of a modulo m is given by a′ = a^(φ(m)−1).


If p is an odd prime number and if gcd(a, p)=1, then: 


(p-1)/2 


a =—1(mod p). 


If p is a prime number and if gcd(a, p)=1, then: 


grr) = 1(mod p’). 


If p and q are different prime numbers and if gcd(a, p+q)=1, 
then a'?'"*) = 1(mod p-q). 


a·x ≡ b (mod m) has a solution if and only if gcd(a, m) | b.

a·x ≡ b (mod m) has exactly one unique solution if and only if gcd(a, m) = 1.

If a·x ≡ b (mod m) has a solution x = x_0, it will have gcd(a, m) incongruent solutions given by:

x = x_0 + k·m / gcd(a, m)    0 ≤ k ≤ gcd(a, m) − 1

If gcd(a, m) = 1, then a·x ≡ 1 (mod m) has exactly one unique solution x = a^(−1).


If gcd(a,m)=1, then x =a" «b is the unique solution of 


aex=b(modm). 


! 


If gcd(a,m)=1, then x =a" eb is the unique solution of 


aex=b(modm). 


If a·x ≡ 1 (mod m) has a solution, then gcd(a, m) = 1 and a·x + m·y = 1 for some x, y ∈ Z.

If c|a, c|b, and c|m, then a·x ≡ b (mod m) if and only if:

(a/c)·x ≡ (b/c) (mod m/c)

If gcd(c, m) = 1 and c|a and c|b, then a·x ≡ b (mod m) if and only if:

(a/c)·x ≡ (b/c) (mod m)

If for 1 ≤ k ≤ n the moduli m_k are pairwise relatively prime in the linear system of congruences a_k·x ≡ b_k (mod m_k), and if gcd(a_k, m_k) = 1, then the system a_k·x ≡ b_k (mod m_k) is equivalent to the system x ≡ a_k^(−1)·b_k (mod m_k).

A solution exists for the system of simultaneous linear congruences:

x ≡ r_1 (mod m_1)
x ≡ r_2 (mod m_2)

if and only if gcd(m_1, m_2) | (r_1 − r_2). If a solution exists, it has the form x ≡ x_0 (mod lcm(m_1, m_2)).

Proposition 5.2-3:
If m_1, m_2, m_3, ⋯, m_n are positive integers that are pairwise relatively prime so that gcd(m_i, m_k) = 1 for i ≠ k, then the system of simultaneous linear congruences:

x ≡ r_1 (mod m_1)
x ≡ r_2 (mod m_2)
x ≡ r_3 (mod m_3)
⋮
x ≡ r_n (mod m_n)

has a single unique solution modulo M = m_1·m_2·m_3·⋯·m_n which is given by:

x ≡ r_1·M_1·y_1 + r_2·M_2·y_2 + ⋯ + r_n·M_n·y_n (mod M)

where M_k = M/m_k and y_k = M_k^(−1) mod m_k.

Proposition 5.3-1:
The linear congruence a·x + b·y ≡ c (mod m) has solutions if and only if gcd(a, b, m) | c.

The congruence a·x + b·y ≡ c (mod m) has exactly m incongruent solutions if gcd(a, m) = 1 or gcd(b, m) = 1.

The system of two linear congruences:

a_1·x + b_1·y ≡ c_1 (mod m)
a_2·x + b_2·y ≡ c_2 (mod m)

has a single unique solution modulo m if and only if gcd(a_1·b_2 − a_2·b_1, m) = 1.

Proposition 5.3-4:
If the system of two linear congruences:

a_1·x + b_1·y ≡ c_1 (mod m)
a_2·x + b_2·y ≡ c_2 (mod m)

has a single unique solution modulo m, then this solution is:

x_0 ≡ (a_1·b_2 − a_2·b_1)^(−1)·(b_2·c_1 − b_1·c_2) (mod m)
y_0 ≡ (a_1·b_2 − a_2·b_1)^(−1)·(a_1·c_2 − a_2·c_1) (mod m)


If and only if gcd(a, m) = 1 will we have:

a^h ≡ 1 (mod m)

for some h ∈ N.

If a ≡ b (mod m), then a and b have the same order.

If gcd(a, m) = 1 and h = ord_m(a), then a^k ≡ 1 (mod m) if and only if h | k.

If h = ord_m(a), then h | φ(m).

If h = ord_p(a) where p is a prime number, then h | p − 1.

If p and q are odd prime numbers, and if q | (a^p − 1), then either q | (a − 1) or q = 2·k·p + 1 for some positive integer k.

If h·k = ord_m(a), then k = ord_m(a^h).

If h = ord_m(a), then a^i ≡ a^j (mod m) if and only if i ≡ j (mod h).

If h = ord_m(a), then a, a^2, a^3, ⋯, a^h are mutually incongruent modulo m.


h ord, (@) 


If h=ord,,(a), then Ae Srairas SeiCreey 


If h = ord_m(a), then h = ord_m(a^k) if and only if gcd(h, k) = 1.

If h = ord_m(a), then there are exactly φ(h) elements of the set {a, a^2, ⋯, a^h} which have order h modulo m.

If a^(h_1) ≡ 1 (mod m), a^(h_2) ≡ 1 (mod m), and d = gcd(h_1, h_2) where h_1, h_2 ∈ N, then a^d ≡ 1 (mod m).

If gcd(ord_m(a), ord_m(b)) = 1, then:

ord_m(a)·ord_m(b) = ord_m(a·b)

If a^(h_1) ≡ 1 (mod m), a^(h_2) ≡ 1 (mod n), and gcd(m, n) = 1, then a^k ≡ 1 (mod m·n) where k = h_1·h_2 / gcd(h_1, h_2).

If 2·h = ord_p(a) where p is an odd prime number, then:

a^h ≡ −1 (mod p).


If a” is the multiplicative inverse of a modulo m, then: 


ord,, (a) = ord,, (a). 


If gcd(m, n) = 1, then ord_(m·n)(a) = lcm(ord_m(a), ord_n(a)).

If a is a primitive root of m, then a^k is a primitive root of m if and only if gcd(φ(m), k) = 1.

a is a primitive root of m if and only if a^(φ(m)/q) ≢ 1 (mod m) for all prime numbers q such that q | φ(m).

If and only if a is a primitive root of m will the least residues modulo m of the elements a, a^2, a^3, ⋯, a^φ(m) form, in some order, a reduced residue system modulo m.

If m ∈ N has a primitive root, then it has exactly φ(φ(m)) incongruent primitive roots.

If p is a prime number and P(x) is a polynomial of degree n:

P(x) = Σ_{k=1}^{n} c_k·x^k

where c_k ∈ Z and gcd(c_n, p) = 1, then the congruence:

P(x) ≡ 0 (mod p)

has at most n incongruent solutions modulo p.

If n, k ∈ N such that k|n, then the polynomial x^k − 1 is a factor of the polynomial x^n − 1.

If p is an odd prime number and k | (p − 1), then x^k ≡ 1 (mod p) has exactly k incongruent solutions.

If p is an odd prime number and h | (p − 1), then the number of integers 1 ≤ a ≤ p − 1 having order h modulo p does not exceed φ(h).

If p is an odd prime number, then the number of incongruent integers a having order h modulo p is 0 if h ∤ (p − 1) or φ(h) if h | (p − 1).

If p is an odd prime number, then there are exactly φ(p − 1) incongruent primitive roots of p.

Every prime number p has a primitive root.


If p is an odd prime number and if a is a primitive root of p 


where k >2, then a is also a primitive root of p*”. 


2 and 2^2 have primitive roots.

2^k does not have primitive roots if k ≥ 3.


If ged(m,n)=1 where m>2 and n>2, then the integer m 


has no primitive roots. 


Any integer divisible by two distinct odd prime numbers has no 


primitive roots. 


Any integer having the form 2" « p’, where p is an odd prime 


number and where k 22, has no primitive roots. 


k 


“nl 


If p is an odd prime number having a primitive root a, then either a or a + p is a primitive root of p^2.

If p is an odd prime number, then p^2 will always have a primitive root.

If p is an odd prime number, and if a is a primitive root of p^2, then a is a primitive root of p^k for all k > 2.

If p is an odd prime number, then a primitive root exists for all p^k with k ≥ 1.

If p is an odd prime number, and if a is a primitive root of p^k where k > 1, then either a or a + p^k is a primitive root of 2·p^k.

If m ≥ 2, then m will have a primitive root if and only if m = 2, 4, p^k, or 2·p^k, where p is an odd prime number and k ∈ N.

If we have:

a^(m−1) ≡ 1 (mod m)

a^((m−1)/p) ≢ 1 (mod m)

where p is every prime number such that p | (m − 1), and a is some integer, then m is a prime number.


If p is an odd prime number and if 


a=1 


S =-1(mod p) if (p—-1)|k 


If a^k is a primitive root of m, then a is a primitive root of m.

A least residue a will be a primitive root modulo m if and only if its multiplicative inverse a^(−1) is a primitive root modulo m.

If a is a primitive root of m so that gcd(a, m) = 1 and

ord_m(a) = φ(m)

and if b is a positive integer where gcd(b, m) = 1, then there exists a unique integer k where 1 ≤ k ≤ φ(m) such that:

a^k ≡ b (mod m)

If a is a primitive root of m, then ind_a(a) ≡ 1 (mod φ(m)).

If a is a primitive root of m, then ind_a(1) ≡ 0 (mod φ(m)).

If a is a primitive root of m where m > 2, then:

ind_a(m − 1) = φ(m)/2

If a is a primitive root of p, where p is an odd prime number, then:

ind_a(p − 1) = (p − 1)/2

If a is a primitive root of m, and if b ≡ c (mod m), then ind_a(b) = ind_a(c).

If a is a primitive root of m, then:

ind_a(b·c) ≡ ind_a(b) + ind_a(c) (mod φ(m))

If a is a primitive root of m, k ∈ N, and a ≡ b (mod m), then:

ind_a(b^k) ≡ k·ind_a(b) (mod φ(m))

If a and a′ are both primitive roots of m, then:

ind_a(b) ≡ ind_a(a′)·ind_a′(b) (mod φ(m))

If m has a primitive root, and if gcd(b, m) = 1, then the congruence x^k ≡ b (mod m) has a solution if and only if

b^(φ(m)/d) ≡ 1 (mod m)

where d = gcd(k, φ(m)); moreover, if x^k ≡ b (mod m) has a solution, it will have exactly d incongruent solutions modulo m.

If p is a prime number, and if gcd(b, p) = 1, then the congruence x^k ≡ b (mod p) has a solution if and only if

b^((p−1)/d) ≡ 1 (mod p)

where d = gcd(k, p − 1); moreover, if x^k ≡ b (mod p) has a solution, it will have exactly d incongruent solutions modulo p.

If gcd(4·A, m) = 1 then all solutions of the congruence A·y^2 + B·y + C ≡ 0 (mod m) can be found by solving x^2 ≡ r (mod m) where r = B^2 − 4·A·C and where x = 2·A·y + B.

If gcd(A, m) = 1 then all solutions of the congruence A·y^2 + B·y + C ≡ 0 (mod m) can be found by solving x^2 ≡ r (mod 4·A·m) where r = B^2 − 4·A·C and where x = 2·A·y + B.

If p is an odd prime number and gcd(A, p) = 1, then A·y^2 + B·y + C ≡ 0 (mod p) has:

2 solutions if B^2 − 4·A·C is a quadratic residue modulo p
1 solution if B^2 − 4·A·C is congruent to 0
0 solutions if B^2 − 4·A·C is a quadratic nonresidue modulo p

If p is a prime number, then x^2 ≡ a^2 (mod p) if and only if x ≡ ±a (mod p).

If p is an odd prime number and if 0 < x < p, then x^2 ≡ 1 (mod p) if and only if x = 1 or x = p − 1.

If p is an odd prime number and gcd(a, p) = 1, then the congruence x^2 ≡ a (mod p) has either no solutions or exactly two distinct solutions. If x_0 is one solution, then p − x_0 is the second incongruent solution.

Every odd prime number p has exactly (p − 1)/2 quadratic residues and exactly (p − 1)/2 quadratic nonresidues.

If p is an odd prime number, and if gcd(a, p) = 1, then a is a quadratic residue of p if and only if a^((p−1)/2) ≡ 1 (mod p).

If p is an odd prime number, and if gcd(a, p) = 1, then a is a quadratic nonresidue of p if and only if a^((p−1)/2) ≡ −1 (mod p).

If p is an odd prime number, and if gcd(a, p) = 1, then a is a quadratic residue or nonresidue of p depending on whether a^((p−1)/2) ≡ 1 (mod p) or a^((p−1)/2) ≡ −1 (mod p), respectively.

If p is an odd prime number, then every primitive root of p is a quadratic nonresidue.


If p is an odd prime number and gcd(a, p)=1, 
and if solutions of x° =a(mod p) exist, then 


x=ta'’")* (mod p). 


If a and b are two quadratic residues of an odd prime number p, then $a \cdot b$ is also a quadratic residue of p.

If a and b are two quadratic nonresidues of an odd prime number p, then $a \cdot b$ is a quadratic residue of p.

If a is a quadratic residue and b is a quadratic nonresidue of an odd prime number p, then $a \cdot b$ is a quadratic nonresidue of p.


If p is an odd prime number, then every quadratic nonresidue of p is a primitive root of p if and only if $p = 2^k + 1$.

Proposition 7.1-17:
If a is a primitive root of p where p is an odd prime number, then the even powers of a:

$$a^2,\ a^4,\ a^6,\ \ldots,\ a^{p-1}$$

are congruent to the quadratic residues modulo p, and the odd powers of a:

$$a,\ a^3,\ a^5,\ \ldots,\ a^{p-2}$$

are congruent to the quadratic nonresidues modulo p.

Proposition 7.2-1:
If p is an odd prime number and a is a positive integer where $\gcd(a, p) = 1$, then we have:

$$a^{(p-1)/2} \equiv \left(\frac{a}{p}\right) \pmod{p}$$

If p is an odd prime number and a and b are any integers where $\gcd(a \cdot b, p) = 1$, then if $a \equiv b \pmod{p}$, we have

$$\left(\frac{a}{p}\right) = \left(\frac{b}{p}\right)$$

Proposition 7.2-3:
If p is an odd prime number, then

$$\sum_{a=1}^{p-1} \left(\frac{a}{p}\right) = 0$$

Proposition 7.2-4:
If p is an odd prime number and if a and b are any integers such that $p \nmid a \cdot b$, then

$$\left(\frac{a}{p}\right) \cdot \left(\frac{b}{p}\right) = \left(\frac{a \cdot b}{p}\right)$$


If p is an odd prime number and $\gcd(a, p) = 1$ then


or 


If p is an odd prime number and q is a prime number where $p \neq q$, then


If a is a quadratic residue of an odd prime number p, then $-a$ is also a quadratic residue of p if and only if $p \equiv 1 \pmod{4}$.


If p is an odd prime number, then 


ews 


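If p is an odd prime number and q is a prime number where $p \neq q$, then

$$\left(\frac{q^k}{p}\right) = 1 \quad \text{if } k \text{ is even}$$

$$\left(\frac{q^k}{p}\right) = \left(\frac{q}{p}\right) \quad \text{if } k \text{ is odd}$$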


If we have the following:
• p is an odd prime number
• $\gcd(a, p) = 1$
• the set G consisting of the integers:

$$G = \left\{ a,\ 2 \cdot a,\ 3 \cdot a,\ \ldots,\ \left(\frac{p-1}{2}\right) \cdot a \right\}$$

• n is the number of the least residues of these integers modulo p that are greater than p/2

then a is a quadratic residue or a quadratic nonresidue of p depending on whether n is even or odd, respectively; that is:


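If p is an odd prime number, then

$$\left(\frac{2}{p}\right) = 1 \quad \text{if } p \equiv 1 \pmod{8} \text{ or } p \equiv 7 \pmod{8}$$

$$\left(\frac{2}{p}\right) = -1 \quad \text{if } p \equiv 3 \pmod{8} \text{ or } p \equiv 5 \pmod{8}$$

$$\left(\frac{2}{p}\right) = 1 \quad \text{if } p \equiv \pm 1 \pmod{8}$$

$$\left(\frac{2}{p}\right) = -1 \quad \text{if } p \equiv \pm 3 \pmod{8}$$

If p is an odd prime number, then

$$\left(\frac{2}{p}\right) = (-1)^{(p^2-1)/8}$$

If q is a prime factor of a Mersenne number $M_p = 2^p - 1$ where p is an odd prime number, then $q \equiv 1 \pmod{p}$ and $q \equiv \pm 1 \pmod{8}$.

If p is an odd prime number, then

$$\left(\frac{3}{p}\right) = 1 \quad \text{if } p \equiv 1 \pmod{12} \text{ or } p \equiv 11 \pmod{12}$$

$$\left(\frac{3}{p}\right) = -1 \quad \text{if } p \equiv 5 \pmod{12} \text{ or } p \equiv 7 \pmod{12}$$

$$\left(\frac{3}{p}\right) = 1 \quad \text{if } p \equiv \pm 1 \pmod{12}$$

$$\left(\frac{3}{p}\right) = -1 \quad \text{if } p \equiv \pm 5 \pmod{12}$$

If p and $4 \cdot p + 1$ are both odd prime numbers, then 2 is a primitive root of $4 \cdot p + 1$.

Proposition 7.3-6:
If p and $2 \cdot p + 1$ are both odd prime numbers, then

$$(-1)^{(p-1)/2} \cdot 2$$

is a primitive root of $2 \cdot p + 1$.

Proposition 7.4-1 (Eisenstein's lemma):
If p is an odd prime number and a is an odd integer where $\gcd(a, p) = 1$, then

Proposition 7.4-2:
If p and q are distinct odd prime numbers $p \neq q$, then

If p and q are odd prime numbers where $p \neq q$, then

If p and q are odd prime numbers where $p \neq q$, then

$$\left(\frac{p}{q}\right) \cdot \left(\frac{q}{p}\right) = \begin{cases} 1 & \text{if } p \equiv 1 \pmod{4} \text{ and/or } q \equiv 1 \pmod{4} \\ -1 & \text{if } p \equiv q \equiv 3 \pmod{4} \end{cases}$$

Proposition 7.4-5:
If p and q are odd prime numbers where $p \neq q$, then

$$\left(\frac{p}{q}\right) = \left(\frac{q}{p}\right) \quad \text{if } p \equiv 1 \pmod{4} \text{ and/or } q \equiv 1 \pmod{4}$$

$$\left(\frac{p}{q}\right) = -\left(\frac{q}{p}\right) \quad \text{if } p \equiv q \equiv 3 \pmod{4}$$

If p and q are odd prime numbers where $p \neq q$, then

$$\left(\frac{p}{q}\right) = (-1)^{\frac{p-1}{2} \cdot \frac{q-1}{2}} \left(\frac{q}{p}\right)$$

If p is an odd prime number and if $\gcd(a, p) = 1$, then $x^2 \equiv a \pmod{p^n}$ where $n \in N$ is solvable if and only if $x^2 \equiv a \pmod{p}$ is solvable.

If p is an odd prime number and if $\gcd(a, p) = 1$, then $x^2 \equiv a \pmod{p^k}$ either has no solution or exactly two incongruent solutions.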


If a is an odd integer, then $x^2 \equiv a \pmod{2^2}$ has two solutions if $a \equiv 1 \pmod{4}$, and no solutions if $a \equiv 3 \pmod{4}$.

If a is an odd integer, then $x^2 \equiv a \pmod{2^3}$ is solvable only if $a \equiv 1 \pmod{8}$. There are then four solutions.

If a is an odd integer, then $x^2 \equiv a \pmod{2^k}$ where $k \geq 3$ is solvable if and only if $a \equiv 1 \pmod{8}$.

If a is an odd integer, then $x^2 \equiv a \pmod{2^k}$ where $k \geq 3$ has exactly four solutions if $a \equiv 1 \pmod{8}$.

If b is a solution of $x^2 \equiv a \pmod{m}$ where the prime factorization of m is $m = p_1^{e_1} \cdot p_2^{e_2} \cdots p_n^{e_n}$ and where $\gcd(a, m) = 1$, then b must also be a solution of each of the equations $x^2 \equiv a \pmod{p_k^{e_k}}$ where k = 1 to n.


If $a \in Z$ and m is a positive odd integer, then

$$\left(\frac{a}{m}\right) = 0$$

if and only if $\gcd(a, m) \neq 1$.


If m is a positive odd integer, then 


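If m is a positive odd integer and a and b are any integers where $\gcd(a \cdot b, m) = 1$, then if $a \equiv b \pmod{m}$, we have


If m is a positive odd integer and if a and b are any integers where $\gcd(a \cdot b, m) = 1$, then

$$\left(\frac{a \cdot b}{m}\right) = \left(\frac{a}{m}\right) \cdot \left(\frac{b}{m}\right)$$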


If m is a positive odd integer and if a is any integer where 
gcd(a,m)=1, then 


If m and n are positive odd integers and if a is any integer where $\gcd(a, m \cdot n) = 1$, then


canes 


If m is a positive odd integer and if a is any integer where $\gcd(a, m) = 1$, then


(a) 


If m is a positive odd integer having prime factorization: 


where the $p_i$ are not necessarily distinct, then


n 


[Je . 
m—\_ i=l =p ro 
of j) ée 2) 


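If m is a positive odd integer, then

$$\left(\frac{-1}{m}\right) = (-1)^{(m-1)/2}$$

If m is a positive odd integer, then

$$\left(\frac{-1}{m}\right) = 1 \quad \text{if } m \equiv 1 \pmod{4}$$

$$\left(\frac{-1}{m}\right) = -1 \quad \text{if } m \equiv 3 \pmod{4}$$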


If m is a positive odd integer having prime factorization:

$$m = \prod_{i=1}^{n} p_i$$

where the $p_i$ are not necessarily distinct, then


eee 


If m is a positive odd integer, then

$$\left(\frac{2}{m}\right) = (-1)^{(m^2-1)/8}$$


If m is a positive odd integer, then


(mod 2) 


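$$\left(\frac{2}{m}\right) = 1 \quad \text{if } m \equiv 1 \pmod{8} \text{ or } m \equiv 7 \pmod{8}$$

$$\left(\frac{2}{m}\right) = -1 \quad \text{if } m \equiv 3 \pmod{8} \text{ or } m \equiv 5 \pmod{8}$$

$$\left(\frac{2}{m}\right) = 1 \quad \text{if } m \equiv \pm 1 \pmod{8}$$

$$\left(\frac{2}{m}\right) = -1 \quad \text{if } m \equiv \pm 3 \pmod{8}$$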


If a and b are positive odd integers where gcd(a,b)=1, then 


se} 


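If a and b are odd positive integers where $\gcd(a, b) = 1$, then:

$$\left(\frac{a}{b}\right) \cdot \left(\frac{b}{a}\right) = \begin{cases} 1 & \text{if } a \equiv 1 \pmod{4} \text{ or } b \equiv 1 \pmod{4} \\ -1 & \text{if } a \equiv b \equiv 3 \pmod{4} \end{cases}$$

If a and b are odd positive integers where $\gcd(a, b) = 1$, then:

$$\left(\frac{a}{b}\right) = \left(\frac{b}{a}\right) \quad \text{if } a \equiv 1 \pmod{4} \text{ or } b \equiv 1 \pmod{4}$$

$$\left(\frac{a}{b}\right) = -\left(\frac{b}{a}\right) \quad \text{if } a \equiv b \equiv 3 \pmod{4}$$

If a and b are odd positive integers where $\gcd(a, b) = 1$, then

$$\left(\frac{a}{b}\right) = (-1)^{\frac{a-1}{2} \cdot \frac{b-1}{2}} \left(\frac{b}{a}\right)$$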
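The rules listed above (reduction of a modulo m, the value of (2/m) by m modulo 8, and the reciprocity rule for coprime odd a and b) are enough to evaluate a Jacobi symbol without factoring m. The Python code below is an added example, not taken from the book; the function names are assumptions. It also lets one check the result against Euler's criterion for prime moduli, and see that (a/m) = 1 for a composite m does not make a a square modulo m.

```python
from math import gcd


def jacobi(a, m):
    """Jacobi symbol (a/m) for a positive odd integer m, without factoring m."""
    if m <= 0 or m % 2 == 0:
        raise ValueError("m must be a positive odd integer")
    a %= m                          # a = b (mod m) gives (a/m) = (b/m)
    sign = 1
    while a:
        while a % 2 == 0:           # (2/m) = -1 exactly when m = +-3 (mod 8)
            a //= 2
            if m % 8 in (3, 5):
                sign = -sign
        if a % 4 == 3 and m % 4 == 3:   # reciprocity: flip iff a = m = 3 (mod 4)
            sign = -sign
        a, m = m % a, a             # (a/m) becomes +-(m/a); reduce m modulo a
    return sign if m == 1 else 0    # a common factor with m gives 0


def legendre_euler(a, p):
    """Legendre symbol from Euler's criterion a^((p-1)/2) mod p, p an odd prime."""
    r = pow(a, (p - 1) // 2, p)
    return -1 if r == p - 1 else r


def squares_mod(m):
    """Squares of the units modulo m (the quadratic residues when m is prime)."""
    return {x * x % m for x in range(1, m) if gcd(x, m) == 1}


if __name__ == "__main__":
    print(jacobi(1001, 9907))                    # symbol for a prime modulus
    print(jacobi(2, 15), 2 in squares_mod(15))   # symbol is 1, yet 2 is no square
```

For a composite modulus the symbol only rules squares out: a value of -1 proves a is not a square modulo m, while a value of 1 proves nothing.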


If P(x) and G(x) are two integral polynomials of degree n and k respectively where $n \geq k$, and if the leading coefficient of G(x) is equal to 1, then there exist two unique integral polynomials Q(x) and R(x) such that:

$$P(x) = Q(x) \cdot G(x) + R(x)$$

where the degree of R(x) is less than the degree of G(x).

If p is a prime number, and if $P(x) = G(x) \cdot H(x)$ where P(x), G(x), and H(x) are all integral polynomials, then every solution of $P(x) \equiv 0 \pmod{p}$ is either a solution of $G(x) \equiv 0 \pmod{p}$ or of $H(x) \equiv 0 \pmod{p}$.


Proposition 7.8-3 (Factor theorem):
If and only if a is a solution of the congruence:

$$P(x) \equiv 0 \pmod{m}$$

where P(x) is an integral polynomial of degree n, will there exist an integral polynomial Q(x) of degree $n - 1$ such that:

$$P(x) \equiv (x - a) \cdot Q(x) \pmod{m}$$

If p is a prime number and P(x) is an integral polynomial of degree $n \geq p$, then the congruence $P(x) \equiv 0 \pmod{p}$ is equivalent to $R(x) \equiv 0 \pmod{p}$ where the integral polynomial R(x) has a degree $< p$.


If P(x) is an integral polynomial of degree n modulo p, and $a_1, a_2, a_3, \ldots, a_k$ are k pairwise incongruent solutions of $P(x) \equiv 0 \pmod{p}$ where p is a prime number, then

$$P(x) \equiv (x - a_1) \cdot (x - a_2) \cdots (x - a_k) \cdot Q_k(x) \pmod{p}$$

where $Q_k(x)$ is an integral polynomial of degree $n - k$.

If p is a prime number and $\gcd(x, p) = 1$, then $x^{p-1} - 1 \equiv 0 \pmod{p}$ has exactly $p - 1$ solutions:

$$x^{p-1} - 1 \equiv (x - 1) \cdot (x - 2) \cdots (x - (p - 1)) \pmod{p}$$


If p is an odd prime number, and if Q(x) and G(x) are integral polynomials of degree n and k, respectively, such that

$$x^{p-1} - 1 \equiv Q(x) \cdot G(x) \pmod{p}$$

then

$$Q(x) \equiv 0 \pmod{p}$$

$$G(x) \equiv 0 \pmod{p}$$

have n and k incongruent solutions modulo p.

If p is a prime number and P(x) is an integral polynomial of degree $n \leq p$, then:

$$x^p - x = Q(x) \cdot P(x) + R(x)$$

where R(x) is an integral polynomial of degree $< n$, and where P(x) has exactly n roots modulo p if and only if $p \mid R(x)$.


If p is a prime number and P(x) is an integral polynomial, then for $k \in N$ and $x, j \in Z$:


If p is a prime number and if a is a solution of the integral polynomial $P(x) \equiv 0 \pmod{p^k}$ where $k \in N$, then:

Case 1: If $p \nmid P'(a)$, there is precisely one solution b of $P(x) \equiv 0 \pmod{p^{k+1}}$ such that $b \equiv a \pmod{p}$. This solution is $b = a + j \cdot p^k$, where j is the unique solution of:

$$P'(a) \cdot j \equiv -\frac{P(a)}{p^k} \pmod{p}$$

Case 2: If $p \mid P'(a)$ and $p^{k+1} \mid P(a)$, there are p solutions of $P(x) \equiv 0 \pmod{p^{k+1}}$ that are congruent to a modulo $p^k$. These solutions are $a + j \cdot p^k$, where $j = 0, 1, 2, \ldots, p - 1$.

Case 3: If $p \mid P'(a)$ and $p^{k+1} \nmid P(a)$, there are no solutions of $P(x) \equiv 0 \pmod{p^{k+1}}$ that are congruent to a modulo $p^k$.

If p is a prime number and a is a solution of the integral polynomial $P(x) \equiv 0 \pmod{p}$, and if $p \nmid P'(a)$, then there exists exactly one solution b of $P(x) \equiv 0 \pmod{p^k}$ such that $b \equiv a \pmod{p}$.
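The three cases above give a procedure for lifting every root of a polynomial congruence from modulus p to modulus p^k one power at a time. The Python code below is an added example, not taken from the book; the function names and the coefficient-list representation (constant term first) are assumptions.

```python
def poly_eval(coeffs, x, mod):
    """Evaluate c0 + c1*x + ... + cn*x^n modulo mod (coeffs listed from c0)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % mod
    return acc


def derivative(coeffs):
    """Coefficient list of P'(x)."""
    return [i * c for i, c in enumerate(coeffs)][1:]


def lift(coeffs, a, p, k):
    """Given P(a) = 0 (mod p^k), return every b = a (mod p^k)
    with P(b) = 0 (mod p^(k+1))."""
    pk = p ** k
    if poly_eval(coeffs, a, pk) != 0:
        raise ValueError("a is not a root modulo p^k")
    dp = poly_eval(derivative(coeffs), a, p)      # P'(a) mod p
    t = poly_eval(coeffs, a, pk * p) // pk        # P(a)/p^k mod p
    if dp != 0:                                   # Case 1: exactly one lift
        j = (-t * pow(dp, -1, p)) % p             # solves P'(a)*j = -P(a)/p^k
        return [a + j * pk]
    if t == 0:                                    # Case 2: all p candidates work
        return [a + j * pk for j in range(p)]
    return []                                     # Case 3: no lift exists


def roots_mod_prime_power(coeffs, p, k):
    """All roots of P(x) = 0 (mod p^k): brute force modulo p, then lift k-1 times."""
    roots = [a for a in range(p) if poly_eval(coeffs, a, p) == 0]
    for e in range(1, k):
        roots = sorted(b for a in roots for b in lift(coeffs, a, p, e))
    return roots


if __name__ == "__main__":
    print(roots_mod_prime_power([-2, 0, 1], 7, 3))   # x^2 = 2 (mod 343), Case 1
    print(roots_mod_prime_power([-1, 0, 1], 2, 3))   # x^2 = 1 (mod 8), Case 2
    print(roots_mod_prime_power([-3, 0, 1], 2, 2))   # x^2 = 3 (mod 4), Case 3
```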


If P(x) is an integral polynomial where $P(x) \equiv 0 \pmod{M}$, and if $M = m_1 \cdot m_2 \cdot m_3 \cdots m_n$ where the $m_k$ are pairwise relatively prime, then P(x) has a solution if and only if each of the equations $P(x) \equiv 0 \pmod{m_k}$ where k = 1 to n has a solution.

If a is a solution of the integral polynomial congruence $P(x) \equiv 0 \pmod{M}$, where M has the prime factorization $M = p_1^{e_1} \cdot p_2^{e_2} \cdot p_3^{e_3} \cdots p_n^{e_n}$, then a must also be a solution of each of the equations $P(x) \equiv 0 \pmod{p_k^{e_k}}$ where k = 1 to n.


If p is a prime number and P(x) is a polynomial of degree n:

$$P(x) = \sum_{k=0}^{n} c_k \cdot x^k$$

where $c_k \in Z$, and if the congruence:

$$P(x) \equiv 0 \pmod{p}$$

has more than n incongruent solutions, then every coefficient $c_k$ is divisible by p.


Appendix D 


PRIME NUMBERS < 10000 


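2 3 5 7 11 13 17 19 23 29
31 37 41 43 47 53 59 61 67 71
73 79 83 89 97 101 103 107 109 113
127 131 137 139 149 151 157 163 167 173
179 181 191 193 197 199 211 223 227 229
233 239 241 251 257 263 269 271 277 281
283 293 307 311 313 317 331 337 347 349
353 359 367 373 379 383 389 397 401 409
419 421 431 433 439 443 449 457 461 463
467 479 487 491 499 503 509 521 523 541
547 557 563 569 571 577 587 593 599 601
607 613 617 619 631 641 643 647 653 659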

661 673 677 683 691 701 709 719 727 733 

739 743 751 757 761 769 773 787 797 809 

811 821 823 827 829 839 853 857 859 863 

877 881 883 887 907 911 919 929 937 941 

947 953 967 971 977 983 991 997 1009 1013 
1019 1021 1031 1033 1039 1049 1051 1061 1063 1069 
1087 1091 1093 1097 1103 1109 1117 1123 1129 1151 
1153 1163 1171 1181 1187 1193 1201 1213 1217 1223 
1229 1231 1237 1249 1259 1277 1279 1283 1289 1291 
1297 1301 1303 1307 1319 1321 1327 1361 1367 1373 
1381 1399 1409 1423 1427 1429 1433 1439 1447 1451 
1453 1459 1471 1481 1483 1487 1489 1493 1499 1511 
1523 1531 1543 1549 1553 1559 1567 1571 1579 1583
1597 1601 1607 1609 1613 1619 1621 1627 1637 1657 
1663 1667 1669 1693 1697 1699 1709 1721 1723 1733 
1741 1747 1753 1759 1777 1783 1787 1789 1801 1811 
1823 1831 1847 1861 1867 1871 1873 1877 1879 1889 
1901 1907 1913 1931 1933 1949 1951 1973 1979 1987 
1993 1997 1999 2003 2011 2017 2027 2029 2039 2053 
2063 2069 2081 2083 2087 2089 2099 2111 2113 2129 
2131 2137 2141 2143 2153 2161 2179 2203 2207 2213 
2221 2237 2239 2243 2251 2267 2269 2273 2281 2287 
2293 2297 2309 2311 2333 2339 2341 2347 2351 2357 
2371 2377 2381 2383 2389 2393 2399 2411 2417 2423 


2437 2441 2447 2459 2467 2473 2477 2503 2521 2531 
2539 2543 2549 2551 2557 2579 2591 2593 2609 2617 
2621 2633 2647 2657 2659 2663 2671 2677 2683 2687 
2689 2693 2699 2707 2711 2713 2719 2729 2731 2741 
2749 2753 2767 2777 2789 2791 2797 2801 2803 2819 
2833 2837 2843 2851 2857 2861 2879 2887 2897 2903 
2909 2917 2927 2939 2953 2957 2963 2969 2971 2999 
3001 3011 3019 3023 3037 3041 3049 3061 3067 3079 
3083 3089 3109 3119 3121 3137 3163 3167 3169 3181 
3187 3191 3203 3209 3217 3221 3229 3251 3253 3257 
3259 3271 3299 3301 3307 3313 3319 3323 3329 3331 
3343 3347 3359 3361 3371 3373 3389 3391 3407 3413 
3433 3449 3457 3461 3463 3467 3469 3491 3499 3511 
3517 3527 3529 3533 3539 3541 3547 3557 3559 3571 
3581 3583 3593 3607 3613 3617 3623 3631 3637 3643 
3659 3671 3673 3677 3691 3697 3701 3709 3719 3727 
3733 3739 3761 3767 3769 3779 3793 3797 3803 3821 
3823 3833 3847 3851 3853 3863 3877 3881 3889 3907 
3911 3917 3919 3923 3929 3931 3943 3947 3967 3989 
4001 4003 4007 4013 4019 4021 4027 4049 4051 4057 
4073 4079 4091 4093 4099 4111 4127 4129 4133 4139 
4153 4157 4159 4177 4201 4211 4217 4219 4229 4231 
4241 4243 4253 4259 4261 4271 4273 4283 4289 4297 
4327 4337 4339 4349 4357 4363 4373 4391 4397 4409 


4421 4423 4441 4447 4451 4457 4463 4481 4483 4493 
4507 4513 4517 4519 4523 4547 4549 4561 4567 4583 
4591 4597 4603 4621 4637 4639 4643 4649 4651 4657 
4663 4673 4679 4691 4703 4721 4723 4729 4733 4751 
4759 4783 4787 4789 4793 4799 4801 4813 4817 4831 
4861 4871 4877 4889 4903 4909 4919 4931 4933 4937 
4943 4951 4957 4967 4969 4973 4987 4993 4999 5003 
5009 5011 5021 5023 5039 5051 5059 5077 5081 5087 
5099 5101 5107 5113 5119 5147 5153 5167 5171 5179 
5189 5197 5209 5227 5231 5233 5237 5261 5273 5279 
5281 5297 5303 5309 5323 5333 5347 5351 5381 5387 
5393 5399 5407 5413 5417 5419 5431 5437 5441 5443 
5449 5471 5477 5479 5483 5501 5503 5507 5519 5521 
5527 5531 5557 5563 5569 5573 5581 5591 5623 5639 
5641 5647 5651 5653 5657 5659 5669 5683 5689 5693 
5701 5711 5717 5737 5741 5743 5749 5779 5783 5791 
5801 5807 5813 5821 5827 5839 5843 5849 5851 5857 
5861 5867 5869 5879 5881 5897 5903 5923 5927 5939 
5953 5981 5987 6007 6011 6029 6037 6043 6047 6053 
6067 6073 6079 6089 6091 6101 6113 6121 6131 6133 
6143 6151 6163 6173 6197 6199 6203 6211 6217 6221 
6229 6247 6257 6263 6269 6271 6277 6287 6299 6301 
6311 6317 6323 6329 6337 6343 6353 6359 6361 6367 
6373 6379 6389 6397 6421 6427 6449 6451 6469 6473 


6481 6491 6521 6529 6547 6551 6553 6563 6569 6571 
6577 6581 6599 6607 6619 6637 6653 6659 6661 6673 
6679 6689 6691 6701 6703 6709 6719 6733 6737 6761 
6763 6779 6781 6791 6793 6803 6823 6827 6829 6833 
6841 6857 6863 6869 6871 6883 6899 6907 6911 6917 
6947 6949 6959 6961 6967 6971 6977 6983 6991 6997 
7001 7013 7019 7027 7039 7043 7057 7069 7079 7103 
7109 7121 7127 7129 7151 7159 7177 7187 7193 7207 
7211 7213 7219 7229 7237 7243 7247 7253 7283 7297 
7307 7309 7321 7331 7333 7349 7351 7369 7393 7411 
7417 7433 7451 7457 7459 7477 7481 7487 7489 7499 
7507 7517 7523 7529 7537 7541 7547 7549 7559 7561 
7573 7577 7583 7589 7591 7603 7607 7621 7639 7643 
7649 7669 7673 7681 7687 7691 7699 7703 7717 7723 
7727 7741 7753 7757 7759 7789 7793 7817 7823 7829 
7841 7853 7867 7873 7877 7879 7883 7901 7907 7919 
7927 7933 7937 7949 7951 7963 7993 8009 8011 8017 
8039 8053 8059 8069 8081 8087 8089 8093 8101 8111 
8117 8123 8147 8161 8167 8171 8179 8191 8209 8219 
8221 8231 8233 8237 8243 8263 8269 8273 8287 8291 
8293 8297 8311 8317 8329 8353 8363 8369 8377 8387 
8389 8419 8423 8429 8431 8443 8447 8461 8467 8501 
8513 8521 8527 8537 8539 8543 8563 8573 8581 8597 
8599 8609 8623 8627 8629 8641 8647 8663 8669 8677 


8681 8689 8693 8699 8707 8713 8719 8731 8737 8741 
8747 8753 8761 8779 8783 8803 8807 8819 8821 8831 
8837 8839 8849 8861 8863 8867 8887 8893 8923 8929 
8933 8941 8951 8963 8969 8971 8999 9001 9007 9011 
9013 9029 9041 9043 9049 9059 9067 9091 9103 9109 
9127 9133 9137 9151 9157 9161 9173 9181 9187 9199 
9203 9209 9221 9227 9239 9241 9257 9277 9281 9283 
9293 9311 9319 9323 9337 9341 9343 9349 9371 9377 
9391 9397 9403 9413 9419 9421 9431 9433 9437 9439 
9461 9463 9467 9473 9479 9491 9497 9511 9521 9533 
9539 9547 9551 9587 9601 9613 9619 9623 9629 9631 
9643 9649 9661 9677 9679 9689 9697 9719 9721 9733 
9739 9743 9749 9767 9769 9781 9787 9791 9803 9811 
9817 9829 9833 9839 9851 9857 9859 9871 9883 9887 
9901 9907 9923 9929 9931 9941 9949 9967 9973 


Appendix E


PRIME FACTORS OF NATURAL NUMBERS < 1000


50   2·5²      51   3·17    52   2²·13    53   53
54   2·3³      55   5·11    56   2³·7     57   3·19
58   2·29      59   59      60   2²·3·5   61   61
62   2·31      63   3²·7    64   2⁶       65   5·13
66   2·3·11    67   67      68   2²·17    69   3·23
70   2·5·7     71   71      72   2³·3²    73   73
74   2·37      75   3·5²    76   2²·19    77   7·11
78   2·3·13    79   79      80   2⁴·5     81   3⁴
82   2·41      83   83      84   2²·3·7   85   5·17
86   2·43      87   3·29    88   2³·11    89   89
90   2·3²·5    91   7·13    92   2²·23    93   3·31
94   2·47      95   5·19    96   2⁵·3     97   97
98   2·7²      99   3²·11   100  2²·5²    101  101
102  2·3·17    103  103     104  2³·13    105  3·5·7
106  2·53      107  107     108  2²·3³    109  109